Security News

Critical 9.8-rated VMware vCenter RCE bug exploited after patch fumble
2024-11-18 22:29

If you didn't fix this a month ago, your to-do list probably needs a reshuffle Two VMware vCenter server bugs, including a critical heap-overflow vulnerability that leads to remote code execution...

Critical RCE bug in VMware vCenter Server now exploited in attacks
2024-11-18 18:54

​Broadcom warned today that attackers are now exploiting two VMware vCenter Server vulnerabilities, one of which is a critical remote code execution flaw. [...]

Major security audit of critical FreeBSD components now available
2024-11-18 15:19

The FreeBSD Foundation, in partnership with the Alpha-Omega Project, has released the results of an extensive security audit of two critical FreeBSD components: the bhyve hypervisor and the...

Urgent: Critical WordPress Plugin Vulnerability Exposes Over 4 Million Sites
2024-11-18 04:52

A critical authentication bypass vulnerability has been disclosed in the Really Simple Security (formerly Really Simple SSL) plugin for WordPress that, if successfully exploited, could grant an...

Palo Alto Networks warns of critical RCE zero-day exploited in attacks
2024-11-15 14:44

Palo Alto Networks is warning that a critical zero-day vulnerability on Next-Generation Firewalls (NGFW) management interfaces, currently tracked as 'PAN-SA-2024-0015,' is actively being exploited...

Critical vulnerabilities persist in high-risk sectors
2024-11-15 04:30

Finance and insurance sectors found to have the highest number of critical vulnerabilities, according to Black Duck. Finance and insurance industry faces highest vulnerabilities The report, which...

Patch Tuesday: Four Critical Vulnerabilities Paved Over
2024-11-13 19:55

The November 2024 Microsoft updates let Windows 11 users remap the Copilot button.

Critical bug in EoL D-Link NAS devices now exploited in attacks
2024-11-13 18:36

​Attackers now target a critical severity vulnerability with publicly available exploit code that affects multiple models of end-of-life D-Link network-attached storage (NAS) devices. [...]

D-Link won’t fix critical bug in 60,000 exposed EoL modems
2024-11-12 20:31

Tens of thousands of exposed D-Link routers that have reached their end-of-life are vulnerable to a critical security issue that allows an unauthenticated remote attacker to change any user's...

HPE Issues Critical Security Patches for Aruba Access Point Vulnerabilities
2024-11-11 09:57

Hewlett Packard Enterprise (HPE) has released security updates to address multiple vulnerabilities impacting Aruba Networking Access Point products, including two critical bugs that could result...