Security News

Critical Erlang/OTP SSH RCE bug now has public exploits, patch now
2025-04-19 14:05

Public exploits are now available for a critical Erlang/OTP SSH vulnerability tracked as CVE-2025-32433, allowing unauthenticated attackers to remotely execute code on impacted devices. [...]

Critical Erlang/OTP SSH pre-auth RCE is 'Surprisingly Easy' to exploit, patch now
2025-04-17 21:34

A critical vulnerability in the Erlang/OTP SSH, tracked as CVE-2025-32433, has been disclosed that allows for unauthenticated remote code execution on vulnerable devices. [...]

Old Fortinet flaws under attack with new method its patch didn't prevent
2025-04-14 05:35

PLUS: Chinese robodogs include backdoor; OpenAI helps spammer; A Dutch data disaster; And more! Infosec In Brief Fortinet last week admitted that attackers have found new ways to exploit three...

Incomplete Patch in NVIDIA Toolkit Leaves CVE-2024-0132 Open to Container Escapes
2025-04-10 14:13

Cybersecurity researchers have detailed a case of an incomplete patch for a previously addressed security flaw impacting the NVIDIA Container Toolkit that, if successfully exploited, could put...

April's Patch Tuesday leaves unlucky Windows Hello users unable to login
2025-04-09 21:53

Can't Redmond ask its whizz-bang Copilot AI to fix it? Those keen to get their Microsoft PCs patched up as soon as possible have been getting an unpleasant shock when they try to get in using...

Patch Tuesday: Microsoft Fixes 134 Vulnerabilities, Including 1 Zero-Day
2025-04-09 21:24

One CVE was used against “a small number of targets.” Windows 10 users needed to wait a little bit for their patches.

Fortinet Urges FortiSwitch Upgrades to Patch Critical Admin Password Change Flaw
2025-04-08 17:53

Fortinet has released security updates to address a critical security flaw impacting FortiSwitch that could permit an attacker to make unauthorized password changes. The vulnerability, tracked as...

Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws
2025-04-08 17:50

Today is Microsoft's April 2025 Patch Tuesday, which includes security updates for 134 flaws, including one actively exploited zero-day vulnerability. [...]

Google Releases Android Update to Patch Two Actively Exploited Vulnerabilities
2025-04-08 04:05

Google has shipped patches for 62 vulnerabilities, two of which it said have been exploited in the wild. The two high-severity vulnerabilities are listed below - CVE-2024-53150 (CVSS score: 7.8) -...

Chrome to patch decades-old flaw that let sites peek at your history
2025-04-07 14:04

After 23 years, the privacy plumber has finally arrived to clean up this mess A 23-year-old side-channel attack for spying on people's web browsing histories will get shut down in the forthcoming...