PT-2025-46139

Name of the Vulnerable Software and Affected Versions Malware Remover versions prior to 6.6.8.20251023 Description An improper control of generation of code issue exists in Malware Remover, potentially allowing remote attackers to bypass protection mechanisms. Recommendations Update to Malware...

PT-2025-23563

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 137.0.7151.68 Microsoft Edge versions prior to 137.0.7151.68 Opera versions prior to 119.0.5497.70 Opera GX versions prior to 119.0.5497.68 Chromium versions prior to 137.0.7151.68 Description Google Chrome,...

CVE-2023-53028

In the Linux kernel, the following vulnerability has been resolved: Revert "wifi: mac80211: fix memory leak in ieee80211ifadd" This reverts commit 13e5afd3d773c6fc6ca2b89027befaaaa1ea7293. ieee80211iffree is already called from freenetdevndev because ndev-privdestructor == ieee80211iffree syzbot...

Update now! Apple issues patches for older iPhones and other devices

Apple has issued emergency updates that include patches for older iOS devices concerning the two actively used zero-day vulnerabilities that were patched last week in newer devices. Updates are available for: Safari 17.2| macOS Monterey and macOS Ventura| ---|---|--- iOS 17.2 and iPadOS 17.2|...

PT-2023-7236

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 119.0.6045.199 Description The issue is related to an integer overflow in the Skia graphics library of Google Chrome, allowing a remote attacker who has compromised the renderer process to potentially perform a...

Atlassian CVE-2023-22515 Blocked by Imperva

Atlassian, an Australian software company, has released emergency security updates to address a severe zero-day vulnerability in its Confluence Data Center and Server software. This vulnerability is actively being exploited, allowing attackers to create unauthorized Confluence administrator...

Zero-Click Exploit in iPhones

Make sure you update your iPhones: Citizen Lab says two zero-days fixed by Apple today in emergency security updates were actively abused as part of a zero-click exploit chain dubbed BLASTPASS to deploy NSO Groups Pegasus commercial spyware onto fully patched iPhones. The two bugs, tracked as...

Google Chrome Emergency Update Fixes Zero-Day Exploit in the Wild

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary A potential vulnerability in Google Chrome versions before 112.0.5615.121, identified as CVE-2023-2033, involves Type confusion in V8, which could allow a remote attacker to potentially exploit he...

Apple Addressed A Zero-day Vulnerability With An Emergency Security Update

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Apple has released an emergency security update to fix a zero-day vulnerability, CVE-2023-23529, that could be used to hack iPhones, iPads, and Macs. The vulnerability was found in WebKit and coul...

Don’t spend another weekend patching Chrome

As we head into the weekend, Google has released an emergency security update for the Chrome desktop web browser to address a high-severity vulnerability known to be exploited in the wild. This is the seventh Chrome zero-day fixed this year by Google. This security bug CVE-2022-3723; QID 377721 i...

Chrome Zero Day – Just Before the Weekend (again)

As we head into the weekend, Google has released an emergency security update for the Chrome desktop web browser to address a high-severity vulnerability known to be exploited in the wild. This is the seventh Chrome zero-day fixed this year by Google. This security bug CVE-2022-3723; QID 377721 i...

Google Chrome issues an emergency update to address the third zero-day of year 2022

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here A zero-day vulnerability has been discovered in Google Chrome versions prior to 100.0.4896.127. A type of confusion vulnerability tracked as CVE-2022-1364, is said to be exploited in the wild. This vulnerability affects the V8...

Conti, DeadBolt Target Delta, QNAP

Two Taiwanese companies were affected by separate ransomware incidents this week, forcing one to scramble to restore crippled systems and another to push out an emergency update to mitigate attacks on its customers. Delta Electronics, an electronics company that provides products for Apple, Tesla...

CVE-2021-43287 Allows Pre-Authenticated Build Takeover of GoCD Pipelines

On October 26, 2021, open-source CI/CD solution GoCD released version 21.3.0, which included a fix for CVE-2021-43287, a critical information disclosure vulnerability whose exploitation allows unauthenticated attackers to leak configuration information, including build secrets and encryption keys...

Google Emergency Update Fixes Two Chrome Zero Days

Google has pushed out an emergency Chrome update to fix yet another pair of zero days – the second pair this month – that are being exploited in the wild. This hoists this year’s total number of zero days found in the browser up to a dozen. “Google is aware the exploits for CVE-2021-37975 and...

Chrome’s eleventh zero-day vulnerability for the year 2021 has been patched

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. A vulnerability in Chrome and Microsoft edgeChromium based exists as a result of a use-after-free issue when processing HTML data in Google Chromes Portals component. A remote attacker can create a specially designed site,...

Apple releases emergency update: Patch, but don’t panic

Spyware developed by the company NSO Group is back in the news today after Apple released an emergency fix for iPhones, iPads, Macs, and Apple Watches. The update fixes a vulnerability silently exploited by software called Pegasus, which is often used in high-level surveillance campaigns by...

Adobe Fixes Critical ColdFusion Flaw in Emergency Update

In an unscheduled security update, Adobe is warning of a critical security flaw in its ColdFusion platform, used for building web applications. The security alert comes two weeks after Adobe’s regularly-scheduled updates. During these updates, the tech company issued patches for a slew of critica...

Critical Adobe Photoshop Flaws Patched in Emergency Update

Adobe released a slew of patches for critical vulnerabilities Tuesday that were part of an out-of-band security update. Several of the critical flaws are tied to Adobe’s popular Photoshop photo-editing software and allow adversaries to execute arbitrary code on targeted Windows devices. Overall,...

Microsoft Internet Explorer Zero-Day Flaw Addressed in Out-of-Band Security Update

Microsoft has released out-of-band security updates addressing two vulnerabilities – including an Internet Explorer zero-day vulnerability being actively exploited in the wild. The Internet Explorer zero-day vulnerability CVE-2019-1367 is a remote code execution flaw that could enable an attacker...