Tag: Patch
-
The Register: Zero-day lets nation-state spies cross-examine elite US law firm Williams & Connolly
Source URL: https://www.theregister.com/2025/10/09/zeroday_nationstate_us_law_firm/ Source: The Register Title: Zero-day lets nation-state spies cross-examine elite US law firm Williams & Connolly Feedly Summary: China-linked snoops crack email at DC powerhouse that represented Bill Clinton, Elizabeth Holmes Washington’s elite law firm Williams & Connolly has confirmed that attackers exploited a zero-day vulnerability to access a handful of attorney…
-
The Register: Google DeepMind minds the patch with AI flaw-fixing scheme
Source URL: https://www.theregister.com/2025/10/07/google_deepmind_patches_holes/ Source: The Register Title: Google DeepMind minds the patch with AI flaw-fixing scheme Feedly Summary: CodeMender has been generating fixes for vulnerabilities in open source projects Google says its AI-powered security repair tool CodeMender has been helping secure open source projects through automated patch creation, subject to human approval.… AI Summary and…
-
Slashdot: Redis Warns of Critical Flaw Impacting Thousands of Instances
Source URL: https://it.slashdot.org/story/25/10/06/222222/redis-warns-of-critical-flaw-impacting-thousands-of-instances?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Redis Warns of Critical Flaw Impacting Thousands of Instances Feedly Summary: AI Summary and Description: Yes Summary: The Redis security team has issued critical patches for a vulnerability (CVE-2025-49844) that could allow remote code execution on a significant number of instances. This vulnerability, stemming from a long-standing issue in…
-
The Register: Microsoft blames Medusa ransomware affiliates for GoAnywhere exploits while Fortra keeps head buried
Source URL: https://www.theregister.com/2025/10/06/microsoft_blames_medusa_ransomware_affiliates/ Source: The Register Title: Microsoft blames Medusa ransomware affiliates for GoAnywhere exploits while Fortra keeps head buried Feedly Summary: You can’t find anything bad if you don’t look, right? Medusa ransomware affiliates are among those exploiting a maximum-severity bug in Fortra’s GoAnywhere managed file transfer (MFT) product, according to Microsoft Threat Intelligence.……
-
Microsoft Security Blog: Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability
Source URL: https://www.microsoft.com/en-us/security/blog/2025/10/06/investigating-active-exploitation-of-cve-2025-10035-goanywhere-managed-file-transfer-vulnerability/ Source: Microsoft Security Blog Title: Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability Feedly Summary: Storm-1175, a financially motivated actor known for deploying Medusa ransomware and exploiting public-facing applications for initial access, was observed exploiting the deserialization vulnerability in GoAnywhere MFT’s License Servlet, tracked as CVE-2025-10035. We are publishing this…
-
The Register: Clop crew hits Oracle E-Business Suite users with fresh zero-day
Source URL: https://www.theregister.com/2025/10/06/clop_oracle_ebs_zeroday/ Source: The Register Title: Clop crew hits Oracle E-Business Suite users with fresh zero-day Feedly Summary: Big Red rushes out patch for 9.8-rated flaw after crooks exploit it for data theft and extortion Oracle rushed out an emergency fix over the weekend for a zero-day vulnerability in its E-Business Suite (EBS) that…
-
The Register: Oracle tells Clop-targeted EBS users to apply July patch, problem solved
Source URL: https://www.theregister.com/2025/10/03/oracle_ebs_clop_extortion/ Source: The Register Title: Oracle tells Clop-targeted EBS users to apply July patch, problem solved Feedly Summary: Researchers suggest internet-facing portals are exposing ‘thousands’ of orgs Oracle has finally broken its silence on those Clop-linked extortion emails, but only to tell customers what they already should have known: patch your damn systems.……