Security News

Rsync vulnerabilities allow remote code execution on servers, patch quickly!
2025-01-15 14:24

Six vulnerabilities have been fixed in the newest versions of Rsync (v3.4.0), two of which could be exploited by a malicious client to achieve arbitrary code execution on a machine with a running...

Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws
2025-01-14 19:01

Today is Microsoft's January 2025 Patch Tuesday, which includes security updates for 159 flaws, including eight zero-day vulnerabilities, with three actively exploited in attacks. [...]

CISA orders agencies to patch BeyondTrust bug exploited in attacks
2025-01-13 20:58

​CISA tagged a vulnerability in BeyondTrust's Privileged Remote Access (PRA) and Remote Support (RS) as actively exploited in attacks, ordering agencies to secure their systems within three weeks. [...]

Week in review: Exploited Ivanti Connect Secure zero-day, Patch Tuesday forecast
2025-01-12 09:00

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282) Ivanti has fixed two...

January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance
2025-01-10 07:38

Welcome to 2025 and a new year of patch excitement! In my December article, I talked about Microsoft’s Secure Future Initiative (SFI) and how it manifested in many of the Microsoft products...

SonicWall urges admins to patch exploitable SSLVPN bug immediately
2025-01-08 19:16

SonicWall is emailing customers urging them to upgrade their firewall's SonicOS firmware to patch an authentication bypass vulnerability in SSL VPN and SSH management that is "susceptible to...

What Is Patch Tuesday? Microsoft’s Monthly Update Explained
2025-01-01 15:00

Patch Tuesday is Microsoft’s monthly update day for fixing vulnerabilities. Learn its purpose, benefits, and how it enhances system security.

Palo Alto Releases Patch for PAN-OS DoS Flaw — Update Immediately
2024-12-27 07:34

Palo Alto Networks has disclosed a high-severity vulnerability impacting PAN-OS software that could cause a denial-of-service (DoS) condition on susceptible devices. The flaw, tracked as...

Critical SQL Injection Vulnerability in Apache Traffic Control Rated 9.9 CVSS — Patch Now
2024-12-25 13:30

The Apache Software Foundation (ASF) has shipped security updates to address a critical security flaw in Traffic Control that, if successfully exploited, could allow an attacker to execute...

Best Patch Management Software (2025): Compare Features & Pricing
2024-12-23 13:00

Patch management software ensures that known vulnerabilities are patched efficiently to prevent breaches while streamlining IT workflows. Find the best patch management solution for your business.