Patch, but don’t be scared! OpenSSH bug is back from the dead
A vulnerability from 2006 has come back to life to haunt installations of the widely-used secure shell.
2 minutes
Vulnerabilities
Upgrade now! Juniper releases patch for critical authentication bypass
Juniper Networks has released an out-of-cycle upgrade for a CVSS 10 vulnerability.
1 minute
Old, critical Firefox updates STILL need patching
It isn't just Chrome that organizations are struggling to keep updated.
2 minutes
Upgrade now! Critical Fortra FileCatalyst Workflow vulnerability needs your attention
An SQL injection vulnerability in Forta’s FileCatalyst Workflow has a CVSS score of 9.8 and a working proof-of-concept exploit.
1 minute
GrimResource MSC attack uses 5-year-old vulnerability
Cybercriminals' search for an alternative to Office macros has brought them to MSC files used by the Microsoft Management Console.
2 minutes
Patch now! VMWare releases fix for critical vulnerabilities
Broadcom notified VMWare users about an update for VMware vCenter Server which addresses three critical vulnerabilities.
2 minutes
Why are browser vulnerabilities going unpatched?
Last week, the top five unpatched vulnerabilities were all browser-based, some from 2023.
3 minutes
20,000 Fortinet VPN appliances compromised, investigation reveals
An investigation by Dutch government agencies has revealed that over 20,000 FortiGate security appliances were compromised by cyber-spies.
2 minutes
Patch now! Critical RCE vulnerability in Microsoft Message Queuing
Patch Tuesday revealed a serious bug that could be remotely exploitable on up to a million internet-connected Windows machines.
2 minutes
Update now! June’s Patch Tuesday—one zero-day, but it’s a doozy
Microsoft’s Patch Tuesday for May 2024 looks relaxed, but there are some fixes that need your attention.
3 minutes
