Experimental News Clipping Site

Tag: day vulnerability

  • Krebs on Security: Patch Tuesday, April 2025 Edition

    by

    Kurt Seifried
    in

    Source URL: https://krebsonsecurity.com/2025/04/patch-tuesday-april-2025-edition/ Source: Krebs on Security Title: Patch Tuesday, April 2025 Edition Feedly Summary: Microsoft today released updates to plug at least 121 security holes in its Windows operating systems and software, including one vulnerability that is already being exploited in the wild. Eleven of those flaws earned Microsoft’s most-dire “critical" rating, meaning malware…

  • Cloud Blog: Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457)

    by

    Kurt Seifried
    in

    Source URL: https://cloud.google.com/blog/topics/threat-intelligence/china-nexus-exploiting-critical-ivanti-vulnerability/ Source: Cloud Blog Title: Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457) Feedly Summary: Written by: John Wolfram, Michael Edie, Jacob Thompson, Matt Lin, Josh Murchie On Thursday, April 3, 2025, Ivanti disclosed a critical security vulnerability, CVE-2025-22457, impacting Ivanti Connect Secure (“ICS”) VPN appliances version 22.7R2.5 and…

  • The Register: After Chrome patches zero-day used to target Russians, Firefox splats similar bug

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/03/28/google_kaspersky_mozilla/ Source: The Register Title: After Chrome patches zero-day used to target Russians, Firefox splats similar bug Feedly Summary: Single click on a phishing link in Google browser blew up sandbox on Windows Google pushed out an emergency patch for Chrome on Windows this week to stop attackers exploiting a sandbox-breaking zero-day vulnerability,…

  • Cisco Talos Blog: Tomorrow, and tomorrow, and tomorrow: Information security and the Baseball Hall of Fame

    by

    Kurt Seifried
    in

    Source URL: https://blog.talosintelligence.com/tomorrow-and-tomorrow-and-tomorrow-information-security-and-the-baseball-hall-of-fame/ Source: Cisco Talos Blog Title: Tomorrow, and tomorrow, and tomorrow: Information security and the Baseball Hall of Fame Feedly Summary: In this week’s Threat Source newsletter, William pitches a fun comparison between baseball legend Ichiro Suzuki and the unsung heroes of information security, highlights newly released UAT-5918 research, and shares an exciting…

  • The Register: Critical PostgreSQL bug tied to zero-day attack on US Treasury

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/02/14/postgresql_bug_treasury/ Source: The Register Title: Critical PostgreSQL bug tied to zero-day attack on US Treasury Feedly Summary: High-complexity bug unearthed by infoseccers, as Rapid7 probes exploit further A high-severity SQL injection bug in the PostgreSQL interactive tool was exploited alongside the zero-day used to break into the US Treasury in December, researchers say.……

  • Krebs on Security: Microsoft Patch Tuesday, February 2025 Edition

    by

    Kurt Seifried
    in

    Source URL: https://krebsonsecurity.com/2025/02/microsoft-patch-tuesday-february-2025-edition/ Source: Krebs on Security Title: Microsoft Patch Tuesday, February 2025 Edition Feedly Summary: Microsoft today issued security updates to fix at least 56 vulnerabilities in its Windows operating systems and supported software, including two zero-day flaws that are being actively exploited. AI Summary and Description: Yes **Summary:** Microsoft has issued crucial updates…

  • Slashdot: Apple Fixes Zero-Day Exploited In ‘Extremely Sophisticated’ Attacks

    by

    Kurt Seifried
    in

    Source URL: https://apple.slashdot.org/story/25/02/10/217213/apple-fixes-zero-day-exploited-in-extremely-sophisticated-attacks?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Apple Fixes Zero-Day Exploited In ‘Extremely Sophisticated’ Attacks Feedly Summary: AI Summary and Description: Yes Summary: Apple has issued urgent security updates for iOS 18.3.1 and iPadOS 18.3.1 to fix a critical zero-day vulnerability exploited in sophisticated targeted attacks. The flaw compromised the USB Restricted Mode, critical for data…