#vulnerability#

A 9.1-high score vulnerability in MOVEit management software may become the biggest security event in 2024, with hackers exploiting it. ProgressSoftware has released updates.

A serious security flaw in Pixel monthly update may be exploited. US government issues warning.

Apple has fixed a vulnerability that allowed malicious websites to generate virtual 3D bats. Learn more here.

A security vulnerability in Phoenix SecureCore UEFI firmware impacts hundreds of Intel CPUs, Lenovo has fixed it but others haven't yet. Learn more here.

A security researcher discovered a high-risk vulnerability in Outlook. Microsoft's response draws criticism and reconsiders the issue later. Less than 150 characters.

News about Asus router products having vulnerabilities and the required updates, along with information on older DSL routers. 140 characters max.

Many Win11 users face abnormal CPU usage caused by a Microsoft service vulnerability. Microsoft is working on a fix.

The US CISA orders to patch Microsoft Windows 10/11 vulnerabilities by July 4th. Details about the vulnerability and its exploitation by hackers and ransomware are provided.

Google released the Chrome 126 browser update on Tuesday, fixing 21 vulnerabilities. It rewards security experts and provides download links. less than 150 characters.

Arm company warns of a security vulnerability in Bifrost and Valhall GPU drivers, with details and potential impact. 150 characters or less.

A security company reports that hackers are abusing ThinkPHP vulnerabilities to create the 'Dama' tool for attacks, and researchers remind users to update. (less than 150 letters)

PHP project maintenance team released a new patch to fix RCE vulnerability, impacts servers globally.

Network security company Akamai reports hackers reusing 2018 vulnerability to attack ThinkPHP and install Dama backdoor shell. Details on vulnerabilities and impacts disclosed.

The world's largest open-source AI community, HuggingFace, reports a security漏洞 incident and its countermeasures. About a million models and more.

Linux kernel privilege escalation vulnerability, CVE-2024-1086, updated by CISA, patches available for multiple stable versions.

Security company Wiz reports a major vulnerability on Replicate, allowing cross-tenant attacks and data leaks. The platform has since repaired the漏洞.

The Mozilla Foundation launched Firefox 126 version with a fix for a high-risk vulnerability CVE-2024-4367 in PDF.js. Learn about it here.

Discover how a vulnerability in Apple iOS enables third-party apps to create animatable icons. Learn about the details and see the video demonstration.

Northwestern Polytechnical University's discovery of a medium-risk vulnerability in the RISC-VSonicBOOM processor and its significance.

Google issues emergency update to fix zero-day vulnerability in Chrome, a serious 'type confusion' one. Urges users to upgrade. Details here.

Apple's location service has a loophole that could be exploited to track troops. Learn about the Wi-Fi-based positioning system and the research on this issue.

Intel's monthly update fixes 41 vulnerabilities, including a critical one in NeuralCompressor. Learn more.