100M IoT Devices Exposed By Zero-Day Bug
A high-severity vulnerability could cause system crashes, knocking out sensors, medical equipment and more.
A flaw in a widely used internet-of-things (IoT) infrastructure code left more than 100 million...
iPhones Vulnerable to Attack Even When Turned Off
Wireless features Bluetooth, NFC and UWB stay on even when the device is powered down, which could allow attackers to execute pre-loaded malware.
Attackers can target iPhones even when they...
IBM Squashes Critical Remote Code-Execution Flaw
A critical-severity buffer-overflow flaw that affects IBM Integration Designer could allow remote attackers to execute code.
IBM has patched a critical buffer-overflow error that affects Big Blue’s Integration Designer toolset,...
Targeted AnyDesk Ads on Google Served Up Weaponized App
Malicious ad campaign was able to rank higher in searches than legitimate AnyDesk ads.
A fake version of the popular remote desktop application AnyDesk, pushed via ads appearing...
Adobe Fixes 16 Critical Code-Execution Bugs Across Portfolio
The out-of-band patches follow a lighter-than-usual Patch Tuesday update earlier this month.
Adobe has released 18 out-of-band security patches in 10 different software packages, including fixes for critical vulnerabilities that...
Apple Issues Urgent iPhone Updates; None for Pegasus Zero-Day
Update now: The ream of bugs includes some remotely exploitable code execution flaws. Still to come: a fix for what makes iPhones easy prey for Pegasus spyware.
iPhone users,...
Windows Vulnerability Allows Malware To Run With Admin Rights
Security researchers have discovered a workaround for a Microsoft Print Services vulnerability patch ( CVE-2020-1048 ) that allows attackers to execute malicious code with elevated privileges.
The vulnerability was discovered by experts Peleg Hadar and Tomer...
VMWare Urges Users to Patch Critical Authentication Bypass Bug
Vulnerability—for which a proof-of-concept is forthcoming—is one of a string of flaws the company fixed that could lead to an attack chain.
VMware and experts alike are urging users to...
Microsoft Patch Tuesday Updates Fix 14 Critical Bugs
Microsoft’s regularly scheduled March Patch Tuesday updates address 89 CVEs overall.
Microsoft has released its regularly scheduled March Patch Tuesday updates, which address 89 security vulnerabilities overall.
Included in the slew...
Critical WordPress-Plugin Bug Found in ‘Orbit Fox’ Allows Site Takeover
Two security vulnerabilities — one a privilege-escalation problem and the other a stored XSS bug — afflict a WordPress plugin with 40,000 installs.
Two vulnerabilities (one critical) in a...
