Apache Flink flaw is back, and being actively exploited
An improper access control flaw is being actively exploited, CISA is warning......»»
Citrix NetScaler bug exploited in the wild since August (CVE-2023-4966)
A recently patched Citrix NetScaler ADC/Gateway information disclosure vulnerability (CVE-2023-4966) has been exploited by attackers in the wild since late August 2023, Mandiant researchers have revealed. About CVE-2023-4966 Citrix’s security a.....»»
The USB-C Apple Pencil fixes an iPad problem I’ve had for years
The Apple Pencil (USB-C) is a weird mix of omissions and conveniences. But beyond the value factor, it fixes an embarrassingly inconvenient design flaw......»»
Cisco IOS XE zero-day exploited by attackers to deliver implant (CVE-2023-20198)
A previously unknown vulnerability (CVE-2023-20198) affecting networking devices running Cisco IOS XE software is being exploited by a threat actor to take control of the devices and install an implant, Cisco Talos researchers have warned today. Abou.....»»
Actively exploited Cisco 0-day with maximum 10 severity gives full network control
An unknown threat actor is exploiting the vulnerability to create admin accounts. Enlarge / Cables run into a Cisco data switch. (credit: Getty Images) Cisco is urging customers to protect their devices following the dis.....»»
iPhone 15 Pro Max: Reports about burn-in display issues are piling up
iPhone 15 Pro Max owners have yet another problem to deal with. There are reports of burn-in on the displays. Some iPhone 15 owners just can't seem to catch a break.New reports are coming in detailing yet another flaw that iPhone 15 users are e.....»»
Poll: Is your iPhone 15 Pro still overheating after the iOS 17.0.3 update?
Every year, when Apple launches a new iPhone, there are always reports of some issues. This year, a number of users have been complaining about the iPhone 15 Pro overheating. While some believed that there was a design flaw in the new iPhones, Apple.....»»
Dangerous vulnerability can be exploited to carry out massive DDoS attacks (CVE-2023-44487)
Cloudflare, Google, and Amazon AWS revealed that a zero-day vulnerability in the HTTP/2 protocol has been used to mount massive, high-volume DDoS attacks, which they dubbed HTTP/2 Rapid Reset. Decoding HTTP/2 Rapid Reset (CVE-2023-44487) In late Augu.....»»
Apple fixes overheating problems and 0-day security flaw with iOS 17.0.3 update
Some third-party apps will also need to be updated to address overheating issue. Enlarge / iPhones running iOS 17. (credit: Apple) When Apple released its statement about iPhone 15 Pro overheating issues earlier this wee.....»»
Qualcomm patches 3 actively exploited zero-days
Qualcomm has fixed three actively exploited vulnerabilities (CVE-2023-33106, CVE-2023-33107, CVE-2023-33063) in its Adreno GPU and Compute DSP drivers. Vulnerabilities exploited in Qualcomm GPU and DSP drivers The US-based semiconductor company has b.....»»
Zero-day in Arm GPU drivers exploited in targeted attacks (CVE-2023-4211)
A vulnerability (CVE-2023-4211) in the kernel drivers for several Mali GPUs “may be under limited, targeted exploitation,” British semiconductor manufacturer Arm has confirmed on Monday, when it released drivers updated with patches. Arm&.....»»
Critical vulnerability in WS_FTP Server exploited by attackers (CVE-2023-40044)
Progress Software, the company behind the recently hacked MOVEit file-sharing tool, has recently fixed two critical vulnerabilities (CVE-2023-40044, CVE-2023-42657) in WS_FTP Server, another popular secure file transfer solution. Proof-of-concept cod.....»»
Yet another Chrome zero-day exploited in the wild! (CVE-2023-5217)
Google has fixed another critical zero-day vulnerability (CVE-2023-5217) in Chrome that is being exploited in the wild. About CVE-2023-5217 The vulnerability is caused by a heap buffer overflow in vp8 encoding in libvpx – a video codec library.....»»
iOS 17.0.1 patches 3 actively exploited security flaws
Three days after launching iOS 17, Apple has issued iOS 17.0.1 with three important security patches. Notably, Apple says it’s aware all of the fixed vulnerabilities were reported as being actively exploited. more….....»»
Apple fixes 3 zero-day vulnerabilities exploited to compromise iPhones
Apple has released updates for iOS and iPadOS, macOS, watchOS, and Safari to fix three zero-day vulnerabilities (CVE-2023-41992, CVE-2023-41991, CVE-2023-41993) exploited “against versions of iOS before iOS 16.7.” Bill Marczak of The Citi.....»»
GitLab fixes critical vulnerability, patch now! (CVE-2023-5009)
GitLab has fixed a critical vulnerability (CVE-2023-5009) in the Enterprise Edition (EE) and Community Edition (CE) of its widely used DevOps platform. The flaw may allow a threat actor to abuse scan execution policies to run pipelines as another use.....»»
Apple rolls out iOS 17.0.1, iPadOS 17.0.1, watchOS 10.0.1 updates
Apple has taken the unusual step of releasing an update just days after a major release, with watchOS 10.0.1, iOS 17.0.1, and iPadOS 17.0.1 now available with the set again patching a trio of exploited security flaws.watchOS 10Generally, sub-point up.....»»
Update your Apple devices now to fix these dangerous exploits
Three actively exploited vulnerabilities have just been discovered in a huge number of Apple devices. Update yours now to ensure it stays safe from hackers......»»
Critical Trend Micro vulnerability exploited in the wild (CVE-2023-41179)
Trend Micro has fixed a critical zero-day vulnerability (CVE-2023-41179) in several of its endpoint security products for enterprises that has been spotted being exploited in the wild. About CVE-2023-41179 The nature of the flaw hasn’t been rev.....»»
Mortal Kombat 1 review: a morbidly fun fighter with one fatal flaw
Mortal Kombat 1 is a bloody fun time, so long as you aren't expecting much from its weak single-player modes......»»
The iPhone 15 Pro’s Action button has a serious flaw
One of the big new hardware features for the iPhone 15 Pro is the Action button, but I can't help but already be a tad disappointed with it......»»