February 1, 2024 | Cybernews
A heap-based buffer overflow vulnerability in the GNU C library (glibc) has been found, enabling unauthorized users to gain root access.
January 29, 2024 | Cybernews
Cisco has released a patch for a critical vulnerability in its Unified Communications and Contact Center Solutions products, which allows remote attackers to execute arbitrary code on affected devices by exploiting insecure processing of user-supplied data.
January 11, 2024 | Cybernews
Microsoft’s Patch Tuesday updates address critical vulnerabilities in Windows Kerberos authentication protocol and Windows Hyper-V, as well as other noteworthy vulnerabilities across various Microsoft products, reducing the risk of exploitation.
December 29, 2023 | Cybernews
Researchers have disclosed new details about the “Operation Triangulation” campaign, which involved zero-click attacks on iPhones and exploited an undocumented Apple hardware security feature, allowing attackers to gain control of iPhones and potentially other Apple devices.
December 22, 2023 | Cybernews
Attackers are taking advantage of a long-standing vulnerability in Microsoft Office to launch phishing campaigns and spread the Agent Tesla malware.
December 22, 2023 | Cybernews
Google has released an emergency patch for a high-severity zero-day vulnerability in Chrome that is actively being exploited, allowing attackers to potentially install programs, manipulate data, or create new accounts with full user rights.
December 22, 2023 | Cybernews
Ivanti has released Avalanche 6.4.2, an update to its mobile device management product, to address 22 vulnerabilities, including critical ones that allowed remote code execution on unpatched systems.
December 19, 2023 | Cybernews
Akamai Technologies has disclosed two security vulnerabilities in Microsoft Windows Outlook clients that could potentially be exploited by cybercriminals to achieve remote code execution on the Outlook email service without any user interaction.
December 14, 2023 | Cybernews
Google is implementing Clang sanitizers to detect and prevent vulnerabilities in the Android baseband, reducing the risk of attacks and prioritizing user data security.
November 16, 2023 | Cybernews
A critical security flaw in Apache ActiveMQ, known as CVE-202346604, allows for arbitrary code execution in memory, enabling threat actors to remotely run arbitrary shell commands and deploy ransomware strains like TellYouThePass and a remote access trojan called SparkRAT.