Microsoft warns that a recently patched Windows vulnerability was exploited in the wild as a zero-day prior to July 2024.
The post Microsoft Says Recent Windows Vulnerability Exploited as Zero-Day appeared first on SecurityWeek.
SolarWinds Patches Critical Vulnerability in Access Rights Manager
SolarWinds has announced patches for a critical-severity remote code execution vulnerability in Access Rights Manager.
The post SolarWinds Patches Critical Vulnerability in Access Rights Manager appeared first on SecurityWeek.
Ivanti CSA Vulnerability Exploited in Attacks Days After DIsclosure
The Ivanti Cloud Service Appliance vulnerability CVE-2024-8190 has been exploited in the wild, with attacks starting just days after disclosure.
The post Ivanti CSA Vulnerability Exploited in Attacks Days After DIsclosure appeared first on SecurityWeek.
Apple Suddenly Drops NSO Group Spyware Lawsuit
Apple said there’s “too significant a risk” of exposing the anti-exploit work needed to fend off the very adversaries involved in the case.
The post Apple Suddenly Drops NSO Group Spyware Lawsuit appeared first on SecurityWeek.
In Other News: Possible Adobe Reader Zero-Day, Hijacking Mobi TLD, WhatsApp View Once Exploit
Noteworthy stories that might have slipped under the radar: a possible Adobe Reader zero-day, researchers mistakenly hijack .mobi TLD, and an exploited WhatsApp View Once bypass.
The post In Other News: Possible Adobe Reader Zero-Day, Hijacking Mobi TLD, WhatsApp View Once Exploit appeared first on SecurityWeek.
Apple Patches Vision Pro Vulnerability to Prevent GAZEploit Attacks
Apple has released a patch for Vision Pro after researchers showed how an attacker can obtain passwords typed by looking at keys.
The post Apple Patches Vision Pro Vulnerability to Prevent GAZEploit Attacks appeared first on SecurityWeek.
GitLab Updates Resolve Critical Pipeline Execution Vulnerability
GitLab has released security updates to resolve multiple vulnerabilities in GitLab CE/EE, including a critical-severity pipeline execution flaw.
The post GitLab Updates Resolve Critical Pipeline Execution Vulnerability appeared first on SecurityWeek.
Palo Alto Networks Patches Dozens of Vulnerabilities
Palo Alto Networks has fixed medium- and high-severity vulnerabilities in PAN-OS, Cortex XDR, ActiveMQ Content Pack, and Prisma Access Browser.
The post Palo Alto Networks Patches Dozens of Vulnerabilities appeared first on SecurityWeek.
Cisco Patches High-Severity Vulnerabilities in Network Operating System
Cisco has announced security updates that patch eight vulnerabilities in IOS XR software, including six high-severity bugs.
The post Cisco Patches High-Severity Vulnerabilities in Network Operating System appeared first on SecurityWeek.
Intel Informs Customers About Over a Dozen Processor Vulnerabilities
Intel on Tuesday published advisories covering more than 20 vulnerabilities affecting processors and other products.
The post Intel Informs Customers About Over a Dozen Processor Vulnerabilities appeared first on SecurityWeek.