Common Vulnerabilities and Exposures (CVE) stories - Page 5

Microsoft's July 2024 Patch Tuesday reveals 139 vulnerabilities, including two zero-days under active exploitation: Hyper-V's EoP and MSHTML Spoofing.

Qualys has launched a no-cost Tech Debt Report to help organisations identify and mitigate cyber risks from outdated technology.

Endor Labs reveals major security flaws in CocoaPods, threatening apps like Instagram and Uber. Critical CVEs could impact Swift and Objective-C supply chains.

Bitdefender and Netgear’s new report reveals that 99.3% of IoT attacks exploit known vulnerabilities, highlighting the urgent need for timely updates and robust security measures.

Progress Software has addressed a critical authentication flaw in its MOVEit Transfer solution, raising concerns over security in essential infrastructure.

BlackBerry's latest report reveals alarming rise in malware, with 3.1 million cyberattacks thwarted from Jan to Mar 2024—critical infrastructure, especially finance, severely hit.

BlackBerry's Q1 2024 report reveals unprecedented cyber threats, detecting 3.1 million attacks and a 40% rise in new malware, spotlighting surging global cybersecurity tensions.

Trend Micro identified 60% of the world's vulnerabilities in 2023, playing a crucial role in global cybersecurity, according to Omdia study.

Action1's 2024 Software Vulnerability Ratings Report provides CISOs and CIOs with key insights amid NVD delays, highlighting rising exploit rates and the critical need for timely data sharing.

Sevco Security and GuidePoint Security have inked a strategic partnership to enhance IT network security with Sevco's Asset Intelligence Platform.

Microsoft addresses 51 vulnerabilities in June 2024 Patch Tuesday, with one critical RCE for Windows, alongside patches for Office and SharePoint flaws.

WatchGuard Technologies' latest report reveals a stark contrast in malware trends: network detections halve, while endpoint attacks soar.

Hackers exploiting newly found vulnerability in Palo Alto’s PAN-OS are using RedTail malware to enhance cryptomining operations, raising cybersecurity alarms.

A new vulnerability in GitHub Enterprise Server allowing attackers to bypass authentication has raised alarms over supply chain attacks, urging immediate software updates.

ThroughTek Kalay's platform vulnerabilities affect over 100 million IoT devices, exposing them to potential attacks. Vendors race to patch issues.

Rapid7’s 2024 Attack Intelligence Report highlights a sharp rise in zero-day vulnerabilities causing mass breaches and underscores the necessity for faster patching and robust MFA protocols.

Microsoft's Patch Tuesday addresses 59 CVEs, including one critical and three zero-days, with notable exploits in DWM Core and MSHTML surfaces.

Microsoft's May 2024 Patch Tuesday addresses 61 vulnerabilities, including three zero-days. Two critical RCE flaws and browser patches are also highlighted.

Cato Networks exposes systemic cybersecurity gaps in inaugural threat report, revealing insecure protocols employed across WAN by all examined organisations.

ForAllSecure reveals new AI-powered tool, Mayhem, a dynamic software bill of materials tool that proactively battles exploitable application vulnerabilities.