security update
Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw
Cisco has released patches for a critical privilege escalation vulnerability in Meeting Management (CVE-2025-20156) and a heap-based buffer overflow flaw (CVE-2025-20128) …
SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006)
A critical zero-day vulnerability (CVE-2025-23006) affecting SonicWall Secure Mobile Access (SMA) 1000 Series appliances is being exploited by attackers. “We strongly …
Update your OpenWrt router! Security issue made supply chain attack possible
A security issue that could have allowed attackers to serve malicious firmware images to users has been fixed by OpenWrt Project, the organization that helms the development …
Wireshark 4.4.2: Security updates, bug fixes, updated protocol support
Wireshark, the popular network protocol analyzer, has reached version 4.4.2. It is used for troubleshooting, analysis, development and education. The following vulnerabilities …
Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039)
November 2024 Patch Tuesday is here, and Microsoft has dropped fixes for 89 new security issues in its various products, two of which – CVE-2024-43451 and CVE-2024-49039 …
Google patches actively exploited Android vulnerability (CVE-2024-43093)
Google has delivered fixes for two vulnerabilities endangering Android users that “may be under limited, targeted exploitation”: CVE-2024-43047, a flaw affecting …
Millions of Synology NAS devices vulnerable to zero-click attacks (CVE-2024-10443)
Synology has released fixes for an unauthenticated “zero-click” remote code execution flaw (CVE-2024-10443, aka RISK:STATION) affecting its popular DiskStation and …
Ransomware hits web hosting servers via vulnerable CyberPanel instances
A threat actor – or possibly several – has hit approximately 22,000 vulnerable instances of CyberPanel and encrypted files on the servers running it with the PSAUX …
Fortinet FortiManager flaw exploited in zero-day attacks (CVE-2024-47575)
Fortinet has finally made public information about CVE-2024-47575, a critical FortiManager vulnerability that attackers have exploited as a zero-day. About CVE-2024-47575 …
VMware fixes critical vCenter Server RCE bug – again! (CVE-2024-38812)
Broadcom has released new patches for previously fixed vulnerabilities (CVE-2024-38812, CVE-2024-38813) in vCenter Server, one of which hasn’t been fully addressed the …
Fortinet releases patches for publicly undisclosed critical FortiManager vulnerability
In the last couple of days, Fortinet has released critical security updates for FortiManager, to fix a critical vulnerability that is reportedly being exploited by Chinese …
Actively exploited Firefox zero-day fixed, update ASAP! (CVE-2024-9680)
Mozilla has pushed out an emergency update for its Firefox and Firefox ESR browsers to fix a vulnerability (CVE-2024-9680) that is being exploited in the wild. About …
Featured news
Resources
Don't miss
- The many variants of the ClickFix social engineering tactic
- Yet another SonicWall SMA100 vulnerability exploited in the wild (CVE-2025-32819)
- How agentic AI and non-human identities are transforming cybersecurity
- Even the best safeguards can’t stop LLMs from being fooled
- Wave of tech layoffs leads to more job scams