Forbes20d
Critical Microsoft Outlook Vulnerability Rated 9.8/10 Confirmed—Update Now
Microsoft has confirmed that three zero-day vulnerabilities impacting Windows users are already being exploited, and news of a new Microsoft 365 high-speed password attack breaking, Outlook users ...
CSOonline22d
CISA warns second BeyondTrust vulnerability also exploited in the wild
The US Cybersecurity and Infrastructure Security Agency (CISA) has added to its catalog of known exploited vulnerabilities a second vulnerability by BeyondTrust, which was patched in December.
Bleeping Computer22d
Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws
Today is Microsoft's January 2025 Patch Tuesday, which includes security updates for 159 flaws, including eight zero-day vulnerabilities, with three actively exploited in attacks. This Patch ...
Forbes7d
Nvidia Security Warning—Act Now As 7 New GPU Vulnerabilities Confirmed
A Jan. 27 security bulletin from Nvidia has confirmed a total of seven vulnerabilities, one low, three medium and three high-severity rated, impacting the Nvidia GPU display driver. “To protect ...
Bleeping Computer21d
SAP fixes critical vulnerabilities in NetWeaver application servers
SAP has fixed two critical vulnerabilities affecting NetWeaver web application server that could be exploited to escalate privileges and access restricted information. As part of the January ...
USA Today8d
Chiefs Super Bowl roster, depth chart: Everything to know about AFC champions
Here's what to know about Kansas City's roster for Super Bowl 59, including their depth chart, practice squad and more.
heise online6d
Vulnerability assessment: Open source developer renews criticism of CVSS and CVE
Daniel Stenberg, inventor and main developer of the open source command line tool cURL, has once again criticized the CVE (Common Vulnerabilities and Exposures) ecosystem in a blog post.
heise online29d
Zero-day vulnerability in Sonicwall SSL VPN is attacked
According to this, a security vulnerability in Sonicwall firewalls is currently being abused by customers who have activated SSL VPN or SSH management. Updating to the latest firmware, which is ...
TechRadar22d
Fortinet warns a critical vulnerability in its systems could let attackers breach company networks
Fortinet releases advisory urging users to apply available patch Security researchers warn the bug is being exploited en-masse CISA added the flaw to its KEV catalog A zero-day vulnerability in ...
MacRumors8d
Apple to Patch Web Browser Vulnerabilities Affecting Recent Macs, iPads and iPhones
There are two new speculative execution attacks that impact recent Apple chips, according to data shared today by Georgia Tech students that discovered the vulnerabilities. Named SLAP and FLOP ...
Cloud Security Alliance10d
New Report Details a Rising Toxic Cloud Trilogy of Vulnerabilities
Unremediated critical vulnerabilities and exposures (CVE), excessive AWS permissions, and unsecured public-facing cloud assets make up the toxic cloud trilogy.
TechCrunch27d
Hackers are exploiting a new Ivanti VPN security bug to hack into company networks
U.S. software giant Ivanti has warned that a zero-day vulnerability in its widely used enterprise VPN appliance has been exploited to compromise the networks of its corporate customers.