About the security content of iOS 16.7.5 and iPadOS 16.7.5 – Apple Support

January 22, 2024 at 01:42PM Summary: – Apple released updates addressing multiple CVE issues including privacy, memory handling, and access risks affecting various products like Accessibility, Apple Neural Engine, curl, ImageIO, Safari, and WebKit for specific devices. The updates aim to mitigate potential user data exposure, arbitrary code execution, and web content vulnerabilities. From the … Read more

CISA Flags 6 Vulnerabilities – Apple, Apache, Adobe , D-Link, Joomla Under Attack

January 10, 2024 at 12:06AM The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added six actively exploited security flaws to its catalog, including a high-severity vulnerability in Apache Superset. Details of the issue were first reported in April 2023. CISA recommends federal agencies to apply fixes for these bugs by January 29, 2024, to … Read more

New year, new bugs in Windows, Adobe, Android, more to be fixed

January 9, 2024 at 05:35PM Microsoft’s recent Patch Tuesday brought 49 Windows security updates and four high-severity Chrome flaws for Edge. Although there’s no active exploitation, two critical CVEs are listed as “exploitation more likely.” Adobe and SAP also released patches for their products, while Google’s Android Security Bulletin addressed 59 CVEs. No prior exploits … Read more

Alert: Microsoft Releases Patch Updates for 5 New Zero-Day Vulnerabilities

November 15, 2023 at 01:15AM Microsoft has released patches to address 63 security bugs, including three actively exploited vulnerabilities. The flaws are rated as Critical, Important, and Moderate in severity. Five zero-day vulnerabilities are identified, including issues with Windows SmartScreen and ASP.NET Core. The U.S. Cybersecurity and Infrastructure Security Agency has issued a warning and … Read more

Veeam warns of critical bugs in Veeam ONE monitoring platform

November 6, 2023 at 04:59PM Veeam has released hotfixes to address four vulnerabilities in its Veeam ONE IT infrastructure monitoring and analytics platform. Two of the vulnerabilities are critical and allow attackers to gain remote code execution and steal NTLM hashes. The remaining two are medium-severity bugs. The company has provided hotfixes for actively supported … Read more

Critical vulnerability in F5 BIG-IP under active exploitation

November 1, 2023 at 12:30PM Cybersecurity company F5’s BIG-IP suite has been found to have vulnerabilities that are already being exploited after proof of concept code was shared online. F5 confirmed evidence of active exploitation just days after limited-detail research was published. The vulnerabilities include an Apache JServ Protocol smuggling vulnerability and an SQL injection … Read more