Exploits and vulnerabilities

Update now! Chrome patches critical RCE vulnerability in Safe Browsing - Google has issued an update for Chrome which includes 26 security fixes, with one rated as
Browsers on iOS, iPadOS and Mac leak your browsing activity and personal identifiers - Safari 15 on macOS and all browsers on iOS and iPadOS can leak browsing information and personal information through flaw in the way the browsers use the IndexedDB API.
[updated] You can update now: Microsoft patches 97 bugs including 6 zero-days and a wormable one - The first Patch Tuesday of the year 2022 is here. Make sure you're up to date!
After Log4j, December’s Patch Tuesday has snuck up on us - While everyone has one eye on Log4j, there are other vulnerabilities that need patching since Patch Tuesday has come along as well.
What SMBs can do to protect against Log4Shell attacks - Log4Shell is a severe software flaw affecting millions of applications, including those in your business. Secure this vulnerability now!
[Update: CISA issues Log4j vulnerabilities scanner] Log4j zero-day “Log4Shell” arrives just in time to ruin your weekend - A zero-day vulnerability with a CVSS score of 10.0 has been discovered in Apache's hugely popular Log4j utility.
Vulnerability in Windows 10 URI handler leads to remote code execution - Researchers found a vulnerability in the Windows 10 and 11 ms-officecmd URI handler. When it will be patched is unknown.
CronRAT targets Linux servers with e-commerce attacks - We look at a stealthy RAT attack focusing on e-commerce Linux servers called CronRAT which does some inventive things with dates.
Windows Installer vulnerability becomes actively exploited zero-day - A variant of an already patched vulnerability was disclosed by a researcher frustrated by Microsoft's rewards.

Select your language