Hackers are exploiting critical Apache Struts flaw using public PoC
Hackers are attempting to leverage a recently fixed critical vulnerability (CVE-2023-50164) in Apache Struts that leads to remote code execution,…
VMware fixes critical Cloud Director auth bypass unpatched for 2 weeks
VMware has fixed a critical authentication bypass vulnerability in Cloud Director appliance deployments, a bug that was left unpatched for over…
Google Chrome emergency update fixes 6th zero-day exploited in 2023
Google has fixed the sixth Chrome zero-day vulnerability this year in an emergency security update released today to counter ongoing…
Microsoft Patch Tuesday, November 2023 Edition
Microsoft today released updates to fix more than five dozen security holes in its Windows operating systems and related software,…
VMware discloses critical VCD Appliance auth bypass with no patch
VMware disclosed a critical and unpatched authentication bypass vulnerability affecting Cloud Director appliance deployments. [...]
Virtual Alarm: VMware Issues Major Security Advisory
VMware vCenter Servers need immediate patch against critical RCE bug as race against threat actors begins.
Cyberattackers Alter Implant on 30K Compromised Cisco IOS XE Devices
A seemingly sharp drop in the number of compromised Cisco IOS XE devices visible on the Internet led to a…
Cisco warns of new IOS XE zero-day actively exploited in attacks
Cisco warned admins today of a new maximum severity authentication bypass zero-day in its IOS XE software that lets unauthenticated attackers…
Hyped up curl vulnerability falls short of expectations
curl 8.4.0 has been released to patch and release details on a hyped up high-severity security vulnerability (CVE-2023-38545), easing week-long…
Cisco urges admins to fix IOS software zero-day exploited in attacks
Cisco warned customers on Wednesday to patch a zero-day IOS and IOS XE software vulnerability targeted by attackers in the wild.…