Schneider Electric patched a vulnerability (CVE-2018-7783) in its SoMachine Basic that could result in the disclosure or retrieval of data during an out-of-band attack.
The next-generation of Spectre speculative execution vulnerabilities in CPUs from AMD, ARM, and Intel has arrived in the form of Variants 3a and 4, following highly anticipated public disclosures from Google's Project Zero and Microsoft Corporation [1, 2].
Google is looking into the possibility of requiring device manufacturers to regularly patch their devices, by incorporating such a provision into future OEM agreements, Google head of Android security David Kleidermacher announced in a presentation at the Google I/O Developer Conference last week.
Cryptominers targeting Oracle's patched WebLogic vulnerability from 2017 have caused a spike in malicious traffic targeting Port 7001.
After patching a confusion flaw in Flash last week, Adobe announced new security updates for Adobe Acrobat and Reader for Windows and MacOS.
Google's latest stable channel update for the Windows, Mac and Linux versions of Chrome fixes four vulnerabilities, including a critical bug that can lead to sandbox escape.
LG on Monday released a security update fixing a high-severity remote code execution vulnerability found in the default keyboards of all its mainstream smartphone models.
Multiple major operating systems and hypervisors contain a serious CPU chipset bug that could allow authenticated attackers to read sensitive data in memory and control certain low-level functions, prompting their developers to issue security updates patching this flaw.
Sierra Wireless patched two vulnerabilities in several of its AirLink routers that if exploited could allow the execution of arbitrary code or gain full control of a system.
Microsoft Corporation's Patch Tuesday release today fixed 67 bugs, including two that have been actively exploited in zero-day attacks, and another two whose details became public.
The developer of the PHP (Hypertext Preprocessor) server-side scripting language has issued a series of updates that fix 40 vulnerabilities spread across four different versions -- the most serious of which was severe enough to allow an attacker to execute arbitrary code within the context of an affected application.
Drupal announced its third critical website bug found in the last month and has issued an unscheduled security update.
Apple on Tuesday released security updates for the Safari browser and its MacOS and iOS operating systems, fixing a total of four vulnerabilities.
Juniper Networks released more than a dozen security updates to patch a wide range of issues including two denial-of-service vulnerabilities and one for remote code execution.
Security researchers have found a flaw in the emergency alert warning siren system used by many local authorities - could be sounded by hackers, research finds.
Adobe's April 10, 2018 Patch Tuesday addressed 14 security issues including 6 in Flash Player.
Health care device manufacturer Natus Medical Incorporated has reportedly updated the software used in its Xltek EEG products, which monitor brain activity, after a researcher discovered five vulnerabilities that a remote, unauthenticated attacker could exploit to trigger code execution of a denial of service condition.
Microsoft Corporation on Tuesday announced an emergency patch for a memory corruption vulnerability in its Microsoft Malware Protection Engine (MMPE) that remote attackers can exploit to execute arbitrary code in the security context of the highly privileged LocalSystem account.
Apple addressed a bevy of security bugs late last week, after issuing updated versions of its current operating systems, Safari browser and other core products, as well as security enhancements for two older OS offerings.
Microsoft has issued an update that will fix a flaw, CVE-2018-1038, in a previous patch that was designed to protect Windows 7 x64 or Windows Server 2008 R2 x64 systems from Meltdown.
Github announced the discovery of more than 4 million vulnerabilities in more than half a million repositories.
Drupal is calling its users to be on standby for the announcement of a highly critical release on March 28 that will address issues in Drupal 7 and 8.
Citrix Systems on Wednesday issued hotfixes for its XenServer hypervisor product, fixing vulnerabilities that attackers could exploit to remotely compromise a host compromise or cause a denial of service condition.
Microsoft has just patched a vulnerability in the primary tool the company uses to help provide remote assistance to its users, but until all devices are updated there is still some danger.
Microsoft has kicked off a bug bounty program that could bring in between $25,000 and $250,000 to anyone able to find vulnerabilities similar to the now infamous Spectre and Meltdown.
This month's Microsoft patch Tuesday included more than 70 patches 15 of which were marked as critical.
Patch Tuesday Adobe updates included patches for Adobe Flash Player, Adobe Connect, and Adobe Dreamweaver including 7 critical vulnerabilities.
A remote code execution flaw, dubbed Spring Break, affects various Pivotal Spring could allow an attacker to run arbitrary commands.
Hewlett Packard Enterprise has disclosed the discovery of a serious vulnerability in a previous version of its Lights-Out 3 embedded server management technology, which could be remotely exploited to trigger a denial of service condition.