Security News > 2023 > May > Week in review: KeePass vulnerability, Apple fixes exploited WebKit 0-days
Apple fixes WebKit 0-days under attackApple has released security updates for iOS and iPadOS, macOS, tvOS and watchOS, delivering fixes for many vulnerabilities but, most importantly, for CVE-2023-32409, a WebKit 0-day that "May have been actively exploited."
Enhancing open source security: Insights from the OpenSSF on addressing key challengesIn this Help Net Security interview, we meet a prominent industry leader.
Brian Behlendorf, CTO at the Open Source Security Foundation, shares insights on the influence of his experiences with the White House CTO office, World Economic Forum, and Linux Foundation on leading the OpenSSF and addressing open-source security challenges.
KeePass flaw allows retrieval of master password, PoC is publicA vulnerability in the open-source password manager KeePass can be exploited to retrieve the master password from the software's memory, says the researcher who unearthed the flaw.
Web entity activity reveals insights into internet securityIn this Help Net Security video, Himaja Motheram, Security Researcher at Censys, offers insight into the assets and weaknesses across organizations' internet infrastructure.
Malicious open-source components threatening digital infrastructureIn this Help Net Security video, Henrik Plate, Lead Security Researcher at Endor Labs, discusses the dual-edged nature of open-source software.
News URL
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-23 | CVE-2023-32409 | Unspecified vulnerability in Apple products The issue was addressed with improved bounds checks. | 8.6 |