Google addressed another Chrome zero-day exploited at Pwn2Own in March Pierluigi Paganini April 03, 2024 Google fixed another Chrome zero-day vulnerability exploited during the Pwn2Own hacking competition in March. Google has addressed another zero-day vulnerability in the Chrome browser, tracked as CVE-2024-3159, that was exploited during the Pwn2Own hacking competition in March, 2024. The vulnerability […]
Cisco addressed severe flaws in its Secure Client Pierluigi Paganini March 08, 2024 Cisco addressed two high-severity vulnerabilities in Secure Client that could lead to code execution and unauthorized remote access VPN sessions. Cisco released security patches to address two high-severity vulnerabilities in Secure Client respectively tracked as CVE-2024-20337 and CVE-2024-20338. Cisco Secure Client is […]
VMware urgent updates addressed Critical ESXi Sandbox Escape bugs Pierluigi Paganini March 05, 2024 VMware released urgent patches to address critical ESXi sandbox escape vulnerabilities in the ESXi, Workstation, Fusion and Cloud Foundation products Virtualization giant VMware released urgent updates to fix critical ESXi sandbox escape vulnerabilities in the ESXi, Workstation, Fusion, and Cloud Foundation […]
VMware urgent updates addressed Critical ESXi Sandbox Escape bugs Pierluigi Paganini March 05, 2024 VMware released urgent patches to address critical ESXi sandbox escape vulnerabilities in the ESXi, Workstation, Fusion and Cloud Foundation products Virtualization giant VMware released urgent updates to fix critical ESXi sandbox escape vulnerabilities in the ESXi, Workstation, Fusion, and Cloud Foundation […]
Jan 10, 2024NewsroomVulnerability / Windows Security Microsoft has addressed a total of 48 security flaws spanning its software as part of its Patch Tuesday updates for January 2024. Of the 48 bugs, two are rated Critical and 46 are rated Important in severity. There is no evidence that any of the issues are publicly known […]
Dec 28, 2023NewsroomCloud Security / Data Protection Google Cloud has addressed a medium-severity security flaw in its platform that could be abused by an attacker who already has access to a Kubernetes cluster to escalate their privileges. “An attacker who has compromised the Fluent Bit logging container could combine that access with high privileges required […]
Google addressed a new actively exploited Chrome zero-day Pierluigi Paganini December 20, 2023 Google has released emergency updates to address a new actively exploited zero-day vulnerability in the Chrome browser. Google has released emergency updates to address a new zero-day vulnerability, tracked as CVE-2023-7024, in its web browser Chrome. The flaw has been addressed with […]
The three zero-day flaws addressed by Apple on September 21, 2023, were leveraged as part of an iPhone exploit chain in an attempt to deliver a spyware strain called Predator targeting former Egyptian member of parliament Ahmed Eltantawy between May and September 2023. “The targeting took place after Eltantawy publicly stated his plans to run […]
Microsoft addressed five critical security vulnerabilities in its September Patch Tuesday update, along with two “important”-rated zero-days under active attack in the wild. In total, Microsoft released 59 new patches addressing bugs across the product gamut: They affect Microsoft Windows, Exchange Server, Office, .NET and Visual Studio, Azure, Microsoft Dynamics, and Windows Defender. The update […]