-
Apple patches older iPhones and iPads against Coruna exploits
Apple has released security updates to patch older iPhones and iPads against a set of vulnerabilities targeted in cyberespionage and crypto-theft attacks using the Coruna exploit kit.
- March 12, 2026
- 09:43 AM
0
-
Cloudflare blames today's outage on React2Shell mitigations
Cloudflare has blamed today's outage on the emergency patching of a critical React remote code execution vulnerability, which is now actively exploited in attacks.
- December 05, 2025
- 08:53 AM
0
-
New report: How browser-based attacks are bypassing your security controls
Browser-based attacks, from AITM phishing and ClickFix to malicious OAuth apps and session hijacking, are driving today's biggest breaches.
A new report from Push Security breaks down the techniques attackers are using, real-world case studies, and the detection gaps leaving security teams exposed.
-
Fortinet confirms silent patch for FortiWeb zero-day exploited in attacks
Fortinet has silently patched a critical zero-day vulnerability in its FortiWeb web application firewall, which is now being widely exploited.
- November 14, 2025
- 12:00 PM
- 1
-
ASUS warns of critical auth bypass flaw in DSL series routers
ASUS has released new firmware to patch a critical authentication bypass security flaw impacting several DSL series router models.
- November 14, 2025
- 04:52 AM
- 1
-
Oracle releases emergency patch for new E-Business Suite flaw
Oracle has issued an emergency security update over the weekend to patch another E-Business Suite (EBS) vulnerability that can be exploited remotely by unauthenticated attackers.
- October 13, 2025
- 10:42 AM
- 0
-
Apple backports zero-day patches to older iPhones and iPads
Apple has released security updates to backport patches released last month to older iPhones and iPads, addressing a zero-day bug that was exploited in "extremely sophisticated" attacks.
- September 16, 2025
- 08:16 AM
- 0
-
Adobe patches critical SessionReaper flaw in Magento eCommerce platform
Adobe is warning of a critical vulnerability (CVE-2025-54236) in its Commerce and Magento Open Source platforms that researchers call SessionReaper and describe as one of " the most severe" flaws in the history of the product.
- September 09, 2025
- 11:53 AM
- 0
-
Cisco warns of ISE and CCP flaws with public exploit code
Cisco has released patches to address three vulnerabilities with public exploit code in its Identity Services Engine (ISE) and Customer Collaboration Platform (CCP) solutions.
- June 04, 2025
- 03:19 PM
- 0
-
Microsoft disables BitLocker security fix, advises manual mitigation
Microsoft has disabled a fix for a BitLocker security feature bypass vulnerability due to firmware incompatibility issues that were causing patched Windows devices to go into BitLocker recovery mode.
- August 15, 2024
- 11:26 AM
- 3
-
Docker fixes critical 5-year old authentication bypass flaw
Docker has issued security updates to address a critical vulnerability impacting certain versions of Docker Engine that could allow an attacker to bypass authorization plugins (AuthZ) under certain circumstances.
- July 24, 2024
- 03:00 PM
- 0
-
Apple emergency updates fix recent zero-days on older iPhones
Apple has issued emergency security updates to backport patches for two actively exploited zero-day flaws to older iPhones and some Apple Watch and Apple TV models.
- December 11, 2023
- 02:28 PM
- 0
-
Exploit released for critical Cisco IOS XE flaw, many hosts still hacked
Public exploit code is now available for the critical Cisco IOS XE vulnerability tracked as CVE-2023-20198 that was leveraged as a zero-day to hack tens of thousands of devices.
- October 30, 2023
- 11:09 PM
- 0
-
Cisco patches IOS XE zero-days used to hack over 50,000 devices
Cisco has addressed the two vulnerabilities (CVE-2023-20198 and CVE-2023-20273) that hackers exploited to compromise tens of thousands of IOS XE devices over the past week.
- October 23, 2023
- 10:08 AM
- 0
-
Microsoft Exchange gets ‘better’ patch to mitigate critical bug
The Exchange Team asked admins to deploy a new and "better" patch for a critical Microsoft Exchange Server vulnerability initially addressed in August.
- October 10, 2023
- 04:03 PM
- 0
-
Exim patches three of six zero-day bugs disclosed last week
Exim developers have released patches for three of the zero-days disclosed last week through Trend Micro's Zero Day Initiative (ZDI), one of them allowing unauthenticated attackers to gain remote code execution.
- October 02, 2023
- 05:50 PM
- 0
-
FBI warns of patched Barracuda ESG appliances still being hacked
The Federal Bureau of Investigation warned that patches for a critical Barracuda Email Security Gateway (ESG) remote command injection flaw are "ineffective," and patched appliances are still being compromised in ongoing attacks.
- August 24, 2023
- 03:09 PM
- 0
-
ASUS urges customers to patch critical router vulnerabilities
ASUS has released new firmware with cumulative security updates that address vulnerabilities in multiple router models, warning customers to immediately update their devices or restrict WAN access until they're secured.
- June 19, 2023
- 01:30 PM
- 6
-
Microsoft shares script to fix WinRE BitLocker bypass flaw
Microsoft has released a script to make it easier to patch a BitLocker bypass security vulnerability in the Windows Recovery Environment (WinRE).
- March 17, 2023
- 02:03 AM
- 3
-
Actively exploited GoAnywhere MFT zero-day gets emergency patch
Fortra has released an emergency patch to address an actively exploited zero-day vulnerability in the GoAnywhere MFT secure file transfer tool.
- February 07, 2023
- 03:37 AM
- 0
-
Microsoft urges admins to patch on-premises Exchange servers
Microsoft urged customers today to keep their on-premises Exchange servers patched by applying the latest supported Cumulative Update (CU) to have them always ready to deploy an emergency security update.
- January 26, 2023
- 06:02 PM
- 2
0
