Collaborate Disseminate
A report from Binarly finds that a silently patched bug in a popular web server will likely live on in several major end-of-life products.
The post Six-year old bug will likely live forever in Lenovo, Intel products appeared first on CyberScoop.
Continue reading Six-year old bug will likely live forever in Lenovo, Intel products
Google releases a Chrome 123 update to resolve three high-severity memory safety vulnerabilities.
The post Google Pays Out $41,000 for Three Serious Chrome Vulnerabilities appeared first on SecurityWeek.
Continue reading Google Pays Out $41,000 for Three Serious Chrome Vulnerabilities
Palo Alto Networks patches several high-severity vulnerabilities, including ones that allow DoS attacks against its firewalls.
The post Palo Alto Networks Patches Vulnerabilities Allowing Firewall Disruption appeared first on SecurityWeek.
Continue reading Palo Alto Networks Patches Vulnerabilities Allowing Firewall Disruption
Fortinet has released patches for a dozen vulnerabilities, including a critical-severity remote code execution flaw in FortiClientLinux.
The post Fortinet Patches Critical RCE Vulnerability in FortiClientLinux appeared first on SecurityWeek.
Continue reading Fortinet Patches Critical RCE Vulnerability in FortiClientLinux
Microsoft patches CVE-2024-29988 and CVE-2024-26234, two zero-day vulnerabilities exploited by threat actors to deliver malware.
The post Microsoft Patches Two Zero-Days Exploited for Malware Delivery appeared first on SecurityWeek.
Continue reading Microsoft Patches Two Zero-Days Exploited for Malware Delivery
Patch Tuesday: Microsoft warns that unauthenticated hackers can take complete control of Azure Kubernetes clusters.
The post Microsoft Plugs Gaping Hole in Azure Kubernetes Service Confidential Containers appeared first on SecurityWeek.
Continue reading Microsoft Plugs Gaping Hole in Azure Kubernetes Service Confidential Containers
Adobe calls attention to a pair of code execution bugs in Adobe Commerce and Magento Open Source, a product used to manage online stories.
The post Patch Tuesday: Code Execution Flaws in Multiple Adobe Software Products appeared first on SecurityWeek.
… Continue reading Patch Tuesday: Code Execution Flaws in Multiple Adobe Software Products
SAP has released 12 new and updated security notes on April 2024 Security Patch Day, including three notes dealing with high-severity vulnerabilities.
The post SAP’s April 2024 Updates Patch High-Severity Vulnerabilities appeared first on Securit… Continue reading SAP’s April 2024 Updates Patch High-Severity Vulnerabilities
Researchers at the Shadowserver Foundation identify thousands of internet-exposed Ivanti VPN appliances likely impacted by a recently disclosed vulnerability leading to remote code execution.
The post Thousands of Ivanti VPN Appliances Impacted by Rece… Continue reading Thousands of Ivanti VPN Appliances Impacted by Recent Vulnerability
Crowdfense has announced a $30 million exploit acquisition program covering Android, iOS, Chrome, and Safari zero-days.
The post Company Offering $30 Million for Android, iOS, Browser Zero-Day Exploits appeared first on SecurityWeek.
Continue reading Company Offering $30 Million for Android, iOS, Browser Zero-Day Exploits