Apple rushes to patch zero‑day flaw in iOS, iPadOS
The bug is under active exploitation by unknown attackers and affects a wide range of devices, including iPhones, iPads and Apple Watches
Vulnerability
Google fixes Chrome zero‑day bug exploited in the wild
The latest update patches a total of five vulnerabilities affecting the browser’s desktop versions
Microsoft rushes out fixes for four zero‑day flaws in Exchange Server
At least one vulnerability is being exploited by multiple cyberespionage groups to attack targets mainly in the US, per ESET telemetry
Record‑high number of vulnerabilities reported in 2020
High-severity and critical bugs disclosed in 2020 outnumber the sum total of vulnerabilities reported in 2010
Microsoft patches actively exploited Windows kernel flaw
This month’s relatively humble bundle of security updates fixes 56 vulnerabilities, including a zero-day bug and 11 flaws rated as critical
Google: Better patching could have prevented 1 in 4 zero‑days last year
Vendors should fix the root cause of a vulnerability, rather than block just one path to triggering it, says Google
Apple patches three iOS zero‑days under attack
The company emits emergency updates to fix bugs affecting devices ranging from iPhones to Apple Watches
DNSpooq bugs expose millions of devices to DNS cache poisoning
Security flaws in a widely used DNS software package could allow attackers to send users to malicious websites or to remotely hijack their devices
Chrome, Firefox updates fix severe security bugs
Successful exploitation of some of these flaws could allow attackers to take control of vulnerable systems
Bumble bugs could have exposed personal data of all users
The information at risk of theft due to API flaws included people’s pictures, locations, dating preferences and Facebook data
Google patches two new zero‑day flaws in Chrome
The last three weeks have seen a bumper crop of patches for zero-day bugs across software from Google, Apple and Microsoft
Microsoft Patch Tuesday fixes 17 critical flaws, Windows zero‑day
The second Tuesday of the month brings another fresh batch of fixes for security vulnerabilities in various Microsoft products
Apple patches three actively exploited zero‑day flaws in iOS
The vulnerabilities, which are all being abused for targeted attacks, affect a long list of devices
Google squashes two more Chrome bugs under active attacks
The updates come on the heels of news of attacks exploiting another zero-day in Chrome in tandem with a previously-unknown Windows flaw
Google discloses Windows zero‑day bug exploited in the wild
The security hole isn’t expected to be plugged until the forthcoming Patch Tuesday bundle of security fixes
Over 100,000 machines remain vulnerable to SMBGhost exploitation
The patch for the critical flaw that allows malware to spread across machines without any user interaction was released months ago
Google patches Chrome zero‑day under attack
In addition to patching the actively exploited bug, the update also brings fixes for another four security loopholes
Microsoft issues two emergency Windows patches
The flaws, neither of which is being actively exploited, were fixed mere days after the monthly Patch Tuesday rollout
Attackers chain Windows, VPN flaws to target US government agencies
Bad actors have accessed US elections support systems, although there's no evidence to suggest that election data has been compromised, say FBI and CISA
55 security flaws found in various Apple services
Five ethical hackers have earned almost US$300,000 in bug bounty rewards – so far