Trusted Cyber Security Experts
25+ Years Industry Experience
Ethical, Professional & Pragmatic
Actively Exploited Flaws Patched in Apple Devices
The latest software updates released by Apple for macOS, iOS, iPadOS, Safari, tvOS, and watchOS contain patches for three zero-day vulnerabilities that are known to be actively exploited in attacks.
Windows Security Feature Bypass Vulnerability
Attackers are targeting a pair of Windows bugs that can be exploited simply by sending a malicious email to the victim, allowing the attacker to steal the users Windows credentials. A
WordPress Plugin Flaw has Public Exploit Code
A vulnerability in the WordPress plugin Advanced Custom Fields and Advanced Custom Fields Pro is being actively exploited by attackers after proof of concept (PoC) code for the exploit was
Linux Kernel Vulnerability Allows Elevation to Root
A vulnerability has been identified in NetFilter, a packet filtering and NAT (Network Address Translation) framework within the Linux kernel. This vulnerability can allow local users to escalate privileges to
Android Update Patches Exploited Kernel Flaw
An Android security bulletin has been released detailing the vulnerabilities patched in the May 2023 updates for patch levels 2023-05-01 and 2023-05-05. Included in this update is a fix for
Critical 2018 Vulnerability Actively Exploited in TBK
A five-year-old authentication bypass vulnerability present in TBK DVR4104 and DVR4216 TBK Vision devices is being actively exploited in attacks. TBK DVR (digital video recording) devices are sold under other
Cisco Zero-Day Cross-Site Scripting Vulnerability
Cisco Prime Collaboration Deployment software has been found to have a zero-day vulnerability that could allow for cross-site scripting attacks to take place. The Cisco Prime Collaboration Deployment application is
New Chromium OSS Zero-Day Actively Exploited
Another zero-day vulnerability has been identified in the Google Chrome desktop application, just days after the previous emergency update was released. Microsoft have determined this to be a publicly disclosed
Critical Vulnerabilities Patched by VMware
A security update has been released by VMware to patch two vulnerabilities in VMware Aria Operations for Logs products, which were previously called vRealize Log Insight. VMware vRealize Log Insight
NCSC Warn of Jaguar Tooth Malware on Cisco Routers
Unpatched Cisco IOS routers are being targeted by Russian state-backed threat actor APT28 to deploy ‘Jaguar Tooth’ malware by exploiting a vulnerability from 2017. The National Cyber Security Centre (NCSC)
Google Chrome Emergency Update Patches Zero-Day
An emergency security update has been released by Google for Chrome stable channel for desktop for Windows, Mac, and Linux. This is the first emergency update released so far in
Microsoft Fixes Critical and Publicly Disclosed Flaws
A total of 97 vulnerabilities were resolved in April’s patch Tuesday updates from Microsoft this week, including 7 critical severity flaws, and an actively exploited zero-day flaw with a publicly
Subscribe to our monthly newsletter today
If you’d like to stay up-to-date with the latest cyber security news and articles from our technical team, you can sign up to our monthly newsletter.
We hate spam as much as you do, so we promise not to bombard you with emails. We’ll send you a single, curated email each month that contains all of our cyber security news and articles for that month.