Security News

Mozilla fixes Firefox zero-day actively exploited in attacks
2024-10-09 17:34

Mozilla has issued an emergency security update for the Firefox browser to address a critical use-after-free vulnerability that is currently exploited in attacks. [...]

Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572)
2024-10-08 19:37

For October 2024 Patch Tuesday, Microsoft has released fixes for 117 security vulnerabilities, including two under active exploitation: CVE-2024-43573, a spoofing bug affecting the Windows MSHTML...

Microsoft October 2024 Patch Tuesday fixes 5 zero-days, 118 flaws
2024-10-08 18:16

Today is Microsoft's October 2024 Patch Tuesday, which includes security updates for 118 flaws, including five publicly disclosed zero-days, two of which are actively exploited. [...]

Ivanti fixes three CSA zero-days exploited in the wild (CVE-2024-9379, CVE-2024-9380, CVE-2024-9381)
2024-10-08 18:08

Ivanti has patched three additional Cloud Service Appliance (CSA) zero-day flaws, which have been exploited by attackers in conjuction with a zero-day bug the company accidentally fixed in...

Zero-Day Alert: Three Critical Ivanti CSA Vulnerabilities Actively Exploited
2024-10-08 16:38

Ivanti has warned that three new security vulnerabilities impacting its Cloud Service Appliance (CSA) have come under active exploitation in the wild. The zero-day flaws are being weaponized in...

Ivanti warns of three more CSA zero-days exploited in attacks
2024-10-08 16:05

American IT software company Ivanti has released security updates to fix three new Cloud Services Appliance (CSA) zero-days tagged as actively exploited in attacks. [...]

Qualcomm zero-day under targeted exploitation (CVE-2024-43047)
2024-10-08 12:18

An actively exploited zero-day vulnerability (CVE-2024-43047) affecting dozens of Qualcomm’s chipsets has been patched by the American semiconductor giant. About CVE-2024-43047 On Monday, Qualcomm...

Qualcomm patches high-severity zero-day exploited in attacks
2024-10-07 18:30

Qualcomm has released security patches for a zero-day vulnerability in the Digital Signal Processor (DSP) service that impacts dozens of chipsets. [...]

Rackspace monitoring data stolen in ScienceLogic zero-day attack
2024-10-01 19:30

Cloud hosting provider Rackspace suffered a data breach exposing "limited" customer monitoring data after threat actors exploited a zero-day vulnerability in a third-party tool used by the...

Rackspace internal monitoring web servers hit by zero-day
2024-09-30 23:08

Intruders accessed machines via tool bundled with ScienceLogic, 'limited' info taken, customers told not to worry Exclusive Rackspace has told customers intruders exploited a zero-day bug in a...