Lucene search
K

16 matches found

The Hacker News
The Hacker News
added 2023/05/10 5:34 a.m.146 views

Microsoft's May Patch Tuesday Fixes 38 Flaws, Including 2 Exploited Zero-Day Bugs

Microsoft has rolled out Patch Tuesday updates for May 2023 to address 38 security flaws, including two zero-day bugs that it said are being actively exploited in the wild. Trend Micro's Zero Day Initiative ZDI said the volume is the lowest since August 2021, although it pointed out that "this...

8.1CVSS8.2AI score0.84386EPSS
Exploits4
Wired Threat Level
Wired Threat Level
added 2023/02/28 12:0 p.m.17 views

Apple Users Need to Update iOS Now to Patch Serious Flaws

Plus: Microsoft fixes several zero-day bugs, Google patches Chrome and Android, Mozilla rids Firefox of a full-screen vulnerability, and more...

3.3AI score
Exploits0
ThreatPost
ThreatPost
added 2022/06/24 11:2 a.m.442 views

Google Warns Spyware Being Deployed Against Android, iOS Users

Google is warning victims in Kazakhstan and Italy that they are being targeted by Hermit, a sophisticated and modular spyware from Italian vendor RCS Labs that not only can steal data but also record and make calls. Researchers from Google Threat Analysis Group TAG revealed details in a blog post...

9.3CVSS8.2AI score0.17438EPSS
Exploits7References15
The Hacker News
The Hacker News
added 2022/03/09 5:44 a.m.109 views

Critical Security Patches Issued by Microsoft, Adobe and Other Major Software Firms

Microsoft's Patch Tuesday update for the month of March has been made officially available with 71 fixes spanning across its software products such as Windows, Office, Exchange, and Defender, among others. Of the total 71 patches, three are rated Critical and 68 are rated Important in severity...

8.8CVSS1.2AI score0.40789EPSS
Exploits3
The Hacker News
The Hacker News
added 2022/03/07 4:21 a.m.66 views

2 New Mozilla Firefox 0-Day Bugs Under Active Attack — Patch Your Browser ASAP!

Mozilla has pushed out-of-band software updates to its Firefox web browser to contain two high-impact security vulnerabilities, both of which it says are being actively exploited in the wild. Tracked as CVE-2022-26485 and CVE-2022-26486, the zero-day flaws have been described as use-after-free...

9.6AI score0.14261EPSS
Exploits2
ThreatPost
ThreatPost
added 2022/01/26 10:19 p.m.63 views

Apple Fixes 2 Zero-Day Security Bugs, One Exploited in the Wild

Apple on Wednesday released 13 patches for serious security bugs in macOS and 10 for flaws in iOS/iPadOS. They include fixes for two zero-day bugs, one of which may have been exploited by attackers in the wild. The first zero-day CVE-2022-22587 is a memory-corruption issue that could be exploited...

10CVSS8.4AI score0.11638EPSS
Exploits0References6
The Hacker News
The Hacker News
added 2022/01/20 1:18 p.m.61 views

Google Details Two Zero-Day Bugs Reported in Zoom Clients and MMR Servers

An exploration of zero-click attack surface for the popular video conferencing solution Zoom has yielded two previously undisclosed security vulnerabilities that could have been exploited to crash the service, execute malicious code, and even leak arbitrary areas of its memory. Natalie Silvanovic...

9.8CVSS8.5AI score0.03207EPSS
Exploits2
ThreatPost
ThreatPost
added 2021/09/16 11:37 a.m.47 views

Azure Zero-Day Bugs Show Lurking Supply-Chain Risk

Four Microsoft zero-day vulnerabilities in the Azure cloud platform’s Open Management Infrastructure OMI — a software that many don’t know is embedded in a host of services — show that OMI represents a significant security blind spot, researchers said. Collectively dubbed “OMIGOD” because of the...

9.8CVSS9AI score0.99723EPSS
Exploits20References12
The Hacker News
The Hacker News
added 2021/07/28 10:58 a.m.54 views

Chinese Hackers Implant PlugX Variant on Compromised MS Exchange Servers

A Chinese cyberespionage group known for targeting Southeast Asia leveraged flaws in the Microsoft Exchange Server that came to light earlier this March to deploy a previously undocumented variant of a remote access trojan RAT on compromised systems. Attributing the intrusions to a threat actor...

0.5AI score
Exploits0
The Hacker News
The Hacker News
added 2021/06/09 6:7 a.m.303 views

Update Your Windows Computers to Patch 6 New In-the-Wild Zero-Day Bugs

Microsoft on Tuesday released another round of security updates for Windows operating system and other supported software, squashing 50 vulnerabilities, including six zero-days that are said to be under active attack. The flaws were identified and resolved in Microsoft Windows, .NET Core and Visu...

9.6CVSS0.9AI score0.81107EPSS
Exploits8
Krebs on Security
Krebs on Security
added 2021/06/08 8:53 p.m.264 views

Microsoft Patches Six Zero-Day Security Holes

Microsoft today released another round of security updates for Windows operating systems and supported software, including fixes for six zero-day bugs that malicious hackers already are exploiting in active attacks. Junes Patch Tuesday addresses just 49 security holes -- about half the normal...

9.3CVSS1.5AI score0.81107EPSS
Exploits7
Trend Micro Simply Security
Trend Micro Simply Security
added 2021/05/07 12:0 a.m.12 views

This Week in Security News May 7, 2021

New Panda Stealer Targets Cryptocurrency Wallets and Apple Releases Urgent Security Patches for Zero-Day Bugs...

1.4AI score
Exploits0
The Hacker News
The Hacker News
added 2021/05/04 5:42 a.m.102 views

Apple Releases Urgent Security Patches For Zero‑Day Bugs Under Active Attacks

Apple on Monday released security updates for iOS, macOS, and watchOS to address three zero-day flaws and expand patches for a fourth vulnerability that the company said might have been exploited in the wild. The weaknesses all concern WebKit, the browser engine which powers Safari and other...

8.8CVSS1.4AI score0.04528EPSS
Exploits0
ThreatPost
ThreatPost
added 2020/04/24 8:41 p.m.61 views

Latest Apple Text-Bomb Crashes iPhones via Message Notifications

Apple devices are vulnerable to a “text bomb” attack where simply looking at messages or posts containing characters in the Sindhi language can crash devices. Sindhi is an official language used in Pakistan. The bug affects iPhone, iPad, Macs and Apple Watches, and arises from macOS and iOS faili...

7.3AI score
Exploits0References12
ThreatPost
ThreatPost
added 2020/04/24 12:15 p.m.198 views

Apple Pushes Back Against Zero-Day Exploit Claims

Apple has pushed back against claims that two zero-day bugs in its iPhone iOS have been exploited for years, saying it’s found no evidence to support such activity. Apple officials made the statement in response to a widely disseminated report published Wednesday by ZecOps, which claimed that two...

Exploits0References6
ThreatPost
ThreatPost
added 2011/09/20 5:47 p.m.19 views

Nation-State Attackers Are Adobe's Biggest Worry

SAN FRANCISCO–It’s no secret that attackers have made Adobe’s products key targets for the last couple of years, routinely going after bugs in Reader, Flash and Acrobat in targeted attacks and widespread campaigns alike. But it’s not just the rank-and-file bad guys who are making Adobe a priority...

0.4AI score
Exploits0References2
Rows per page
Query Builder