Vulnerabilities fixed in Apple macOS, iOS and iPadOS

Apple has fixed vulnerabilities in macOS, iOS and iPadOS. A malicious party could exploit the vulnerabilities to execute arbitrary code with user privileges, potentially gaining access to sensitive data. Apple reports having information that the vulnerabilities have been limited and highly target...

PT-2025-13554 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: This issue is an information disclosure problem that leaks sensitive details, such as API keys and system configurations, which could provide attackers with the necessary information to laun...

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Remote code execution Administrator/Root rights Remote...

Vulnerabilities fixed in Apple macOS

Apple has fixed vulnerabilities in macOS. A malicious party could exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: Circumvention of security measure. Remote code execution Administrator/Root rights Remote code execution User rights Access to...

Vulnerabilities fixed in Apple iOS and iPadOS

Apple has fixed vulnerabilities in iOS and iPadOS. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Manipulation of data; Circumvention of security measure; Accessing sensitive data. For successful exploitatio...

Vulnerability fixed in Adobe Magento

Adobe has fixed a vulnerability in Magento. A malicious party could potentially exploit the vulnerability to execute arbitrary code without authentication to execute arbitrary code under the privileges of the application. Adobe indicates that targeted exploits have been observed on Adobe Commerce...

Mozilla: IonMonkey type confusion with StoreElementHole and FallibleStoreElement

Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR 68.4.1, Thunderbird 68.4.1, and Firefox 72.0.1...

Terror Evolved: Exploit Kit Matures

This post is authored by Holger Unterbrink and Emmanuel Tacheau Executive SummaryTalos is monitoring the major Exploit KitsEK on an ongoing basis. While investigating the changes we recently observed in the RIG EK campaigns, we identified another well known candidate: Terror Exploit Kit.Terror EK...

Microsoft plugs 14 PowerPoint security holes

Microsoft has slapped a massive band-aid on its PowerPoint presentation software to cover at least 14 documented security vulnerabilities. The MS09-017 update, rated “critical,” includes a fix for a known code execution flaw that was used to launch targeted exploits via rigged PowerPoint files...