software update – Experimental News Clipping Site

The Register: Clop crew hits Oracle E-Business Suite users with fresh zero-day

Oct 6, 2025

—

by

Source URL: https://www.theregister.com/2025/10/06/clop_oracle_ebs_zeroday/ Source: The Register Title: Clop crew hits Oracle E-Business Suite users with fresh zero-day Feedly Summary: Big Red rushes out patch for 9.8-rated flaw after crooks exploit it for data theft and extortion Oracle rushed out an emergency fix over the weekend for a zero-day vulnerability in its E-Business Suite (EBS) that…

Anchore: Analyzing the top MCP Docker Containers

Oct 2, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://anchore.com/blog/analyzing-the-top-mcp-docker-containers/ Source: Anchore Title: Analyzing the top MCP Docker Containers Feedly Summary: If you pay attention to the world of AI, you’ll have noticed that Model Context Protocol (MCP) is a very popular topic right now. The Model Context Protocol is an open standard that enables developers to build secure, two-way connections between…

Cisco Talos Blog: Nvidia and Adobe vulnerabilities

Oct 1, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://blog.talosintelligence.com/nvidia-and-adobe-vulnerabilities/ Source: Cisco Talos Blog Title: Nvidia and Adobe vulnerabilities Feedly Summary: Cisco Talos’ Vulnerability Discovery & Research team recently disclosed five vulnerabilities in Nvidia and one in Adobe Acrobat.The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco’s third-party vulnerability disclosure policy. For Snort…

The Register: Microsoft spots fresh XCSSET malware strain hiding in Apple dev projects

Sep 26, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/09/26/microsoft_xcsset_macos/ Source: The Register Title: Microsoft spots fresh XCSSET malware strain hiding in Apple dev projects Feedly Summary: Upgraded nasty slips into Xcode builds, steals crypto, and disables macOS defenses The long-running XCSSET malware strain has evolved again, with Microsoft warning of a new macOS variant that expands its bag of tricks while…

The Register: Third time’s the charm? SolarWinds (again) patches critical Web Help Desk RCE

Sep 23, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/09/23/solarwinds_patches_rce/ Source: The Register Title: Third time’s the charm? SolarWinds (again) patches critical Web Help Desk RCE Feedly Summary: Or maybe 3 strikes, you’re out? SolarWinds on Tuesday released a hotfix – again – for a critical, 9.8-severity flaw in its Web Help Desk IT ticketing software that could allow a remote, unauthenticated…

Anchore: Grant’s Release 0.3.0: Smarter Policies, Faster Scans, and Simpler Compliance

Sep 16, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://anchore.com/blog/grants-release-0-3-0-smarter-policies-faster-scans-and-simpler-compliance/ Source: Anchore Title: Grant’s Release 0.3.0: Smarter Policies, Faster Scans, and Simpler Compliance Feedly Summary: Every modern application is built on a foundation of open source dependencies. Dozens, hundreds, sometimes thousands of packages can make up a unit of software being shipped to production. Each of these packages carries its own license…

The Register: This Patch Tuesday, SAP is the worst offender and Microsoft users can kinda chill

Sep 10, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/09/10/microsoft_patch_tuesday/ Source: The Register Title: This Patch Tuesday, SAP is the worst offender and Microsoft users can kinda chill Feedly Summary: ERP giant patches flaw that allows total takeover of NetWeaver, Microsoft has nothing under attack for once September’s Patch Tuesday won’t require Microsoft users to rapidly repair rancid software, but SAP users…

Cloud Blog: Deception in Depth: PRC-Nexus Espionage Campaign Hijacks Web Traffic to Target Diplomats

Aug 25, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/prc-nexus-espionage-targets-diplomats/ Source: Cloud Blog Title: Deception in Depth: PRC-Nexus Espionage Campaign Hijacks Web Traffic to Target Diplomats Feedly Summary: Written by: Patrick Whitsell In March 2025, Google Threat Intelligence Group (GTIG) identified a complex, multifaceted campaign attributed to the PRC-nexus threat actor UNC6384. The campaign targeted diplomats in Southeast Asia and other entities…

Microsoft Security Blog: Sploitlight: Analyzing a Spotlight-based macOS TCC vulnerability

Jul 28, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.microsoft.com/en-us/security/blog/2025/07/28/sploitlight-analyzing-a-spotlight-based-macos-tcc-vulnerability/ Source: Microsoft Security Blog Title: Sploitlight: Analyzing a Spotlight-based macOS TCC vulnerability Feedly Summary: Microsoft Threat Intelligence has discovered a macOS vulnerability, tracked as CVE-2025-31199, that could allow attackers to steal private data of files normally protected by Transparency, Consent, and Control (TCC), including the ability to extract and leak sensitive information…

Cisco Talos Blog: BRB, pausing for a "Sanctuary Moon" marathon

Jul 24, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://blog.talosintelligence.com/brb-pausing-for-a-sanctuary-moon-marathon/ Source: Cisco Talos Blog Title: BRB, pausing for a "Sanctuary Moon" marathon Feedly Summary: Get to know the real people behind cybersecurity’s front lines. In this week’s newsletter, sci-fi meets reality, humanity powers technology and a few surprises are waiting to be discovered. AI Summary and Description: Yes Summary: The text offers…

Tag: software update