Vulnerabilities | News, how-tos, features, reviews, and videos
Exploited CVEs increased by a fifth in 2024, according to analysis by VulnCheck, with increased transparency and improved monitoring playing a role. Still, proactive measures are vital.
Also prioritize patches for vulnerabilities in LDAP and NTLM, as well as Hyper-V, experts say.
While unpatched instances were reduced to half within a month, a huge number of them remain vulnerable even as attackers exploit the flaw in the wild for critical RCE attacks.
A critical USB restriction flaw was addressed in an emergency iOS and iPadOS update.
Cybercriminals are increasingly exploiting gen AI technologies to enhance the sophistication and efficiency of their attacks.
The deserialization flaw allows attackers to remotely execute arbitrary codes on customers’ IIS web servers.
The insecure deserialization and authorization bypass flaws could enable attackers to escalate privileges and run arbitrary commands.
When AMD finally issued patches for its critical microcode security hole on Monday, it said that the glitch 'could lead to the loss of Secure Encrypted Virtualization protection.'
Functionality in the device firmware sends patient data to a hardcoded IP address that also downloads and executes binary files without the owner’s knowledge.
Broadcom urges the application of patches that address pressing vulnerabilities in VMware’s cloud management tools.