Zyxel warns of critical OS command injection flaw in routers

September 3, 2024 at 03:59PM Zyxel released security updates for a critical vulnerability affecting various business routers, allowing unauthenticated attackers to execute OS commands. The flaw, tracked as CVE-2024-7261, has a CVSS v3 score of 9.8. Additionally, multiple high-severity flaws in APT and USG FLEX firewalls were addressed through security updates. Detailed information is available … Read more

Google Patches Seventh Chrome Zero-Day of 2023

November 29, 2023 at 08:36AM Google has patched a zero-day vulnerability (CVE-2023-6345) impacting Chrome, involving an integer overflow in Skia graphics engine. Acknowledging active exploitation, Google’s update also fixes five other high-risk bugs, and issues $55,000 in bug bounties. This marks the seventh Chrome zero-day addressed in the year. Chrome version 119.0.6045.199/200 is being rolled … Read more