Security News

Qualcomm Urges OEMs to Patch Critical DSP and WLAN Flaws Amid Active Exploits
2024-10-08 04:07

Qualcomm has rolled out security updates to address nearly two dozen flaws spanning proprietary and open-source components, including one that has come under active exploitation in the wild. The...

Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast
2024-10-06 08:00

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: October 2024 Patch Tuesday forecast: Recall can be recalled October arrived, and Microsoft started...

October 2024 Patch Tuesday forecast: Recall can be recalled
2024-10-04 04:40

October arrived, and Microsoft started the month by announcing the release of Windows 11 24H2. The preview versions of this release have been in the news due to many innovations and one...

Ivanti Endpoint Manager Flaw Actively Targeted, CISA Warns Agencies to Patch
2024-10-03 06:06

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting Endpoint Manager (EPM) that the company patched in May to its Known Exploited...

'Patch yesterday': Zimbra mail servers under siege through RCE vuln
2024-10-02 10:50

Attacks began the day after public disclosure "Patch yesterday" is the advice from infosec researchers as the latest critical vulnerability affecting Zimbra mail servers is now being mass-exploited.…

Progress Software Releases Patches for 6 Flaws in WhatsUp Gold – Patch Now
2024-09-27 15:44

Progress Software has released another round of updates to address six security flaws in WhatsUp Gold, including two critical vulnerabilities. The issues, the company said, have been resolved in...

Progress urges admins to patch critical WhatsUp Gold bugs ASAP
2024-09-27 12:01

Progress Software warned customers to patch multiple critical and high-severity vulnerabilities in its WhatsUp Gold network monitoring tool as soon as possible. [...]

Patch now: Critical Nvidia bug allows container escape, complete host takeover
2024-09-26 21:42

33% of cloud environments using the toolkit impacted, we're told A critical bug in Nvidia's widely used Container Toolkit could allow a rogue user or software to escape their containers and...

Patch this critical Safeguard for Privileged Passwords auth bypass flaw (CVE-2024-45488)
2024-09-19 12:30

Researchers have released technical details about CVE-2024-45488, a critical authentication bypass vulnerability affecting One Identity’s Safeguard for Privileged Passwords (SPP), which could...

Patch Issued for Critical VMware vCenter Flaw Allowing Remote Code Execution
2024-09-18 05:08

Broadcom on Tuesday released updates to address a critical security flaw impacting VMware vCenter Server that could pave the way for remote code execution. The vulnerability, tracked as...