Apache Flink flaw is back, and being actively exploited
An improper access control flaw is being actively exploited, CISA is warning......»»
State-sponsored attackers actively exploiting RCE in Citrix devices, patch ASAP! (CVE-2022-27518)
An unauthenticated remote code execution flaw (CVE-2022-27518) is being leveraged by a Chinese state-sponsored group to compromise Citrix Application Delivery Controller (ADC) deployments, the US National Security Agency has warned. “Targeting.....»»
Critical FortiOS pre-auth RCE vulnerability exploited by attackers (CVE-2022-42475)
A critical RCE vulnerability (CVE-2022-42475) in Fortinet’s operating system, FortiOS, is being exploited by attackers, reportedly by a ransomware group. “Fortinet is aware of an instance where this vulnerability was exploited in the wild.....»»
Veracode acquires Crashtest Security to improve web application security
Veracode has acquired Crashtest Security to enhance the existing DAST capabilities available as part of Veracode’s Continuous Software Security Platform and broaden customer access globally. Web applications are fast becoming the most exploited att.....»»
Taiwan firms expanding OLED DDI biz
Taiwan-based display driver IC suppliers including Novatek Microelectronics, Himax Technologies and Raydium Semiconductor are actively expanding their OLED DDI offerings, all eyeing robust demand for mid- and large-size device applications......»»
Wafer Works optimistic about industrial and automotive use, plans to build 12-inch wafer fab
Semiconductor wafer fab Wafer Works is positive about the development potential of the industrial and automotive markets and is actively planning to build a 12-inch wafer fab. The company has been cultivating the power component and power management.....»»
Google Chrome zero-day exploited in the wild (CVE-2022-4262)
Google has patched CVE-2022-4262, a type confusion vulnerability in the V8 JavaScript engine used by Google Chrome (and Chromium), which is being exploited by attackers in the wild. No other technical details have been shared about this zero-day flaw.....»»
Bizarre SiriusXM code flaw accused of unlocking smart vehicles
The flaw, affecting numerous cars around the world, has since been patched, so update now......»»
Silicon Motion Technology actively competes for automotive application
NAND flash controller IC design house Silicon Motion Technology in early 2022 entered the automotive application for the first time by providing Toyota Motor with such ICs used in automotive memory storage of Toyota car models launched in the China m.....»»
SiriusXM hack unlocks, starts cars
Security researchers discovered a flaw in SiriusXM service to remotely operate Honda, Hyundai, Nissan and Toyota models......»»
SiriusXM breach unlocks, starts cars
Security researchers discovered a flaw in SiriusXM service to remotely operate Honda, Hyundai, Nissan and Toyota models......»»
Federal defense contractors are not properly securing military secrets
Defense contractors hold information that’s vital to national security and will soon be required to meet Cybersecurity Maturity Model Certification (CMMC) compliance to keep those secrets safe. Nation-state hackers are actively and specifically.....»»
AUO, Innolux actively growing healthcare display offerings
Panel makers AUO and Innolux have been actively growing their high-value-added offerings, such as healthcare displays and multiple field solutions......»»
Female monkeys "actively reduce" social network as they age
Female rhesus macaques actively reduce their social networks and prioritize friends and family as they get older, new research shows......»»
Pre-auth RCE in Oracle Fusion Middleware exploited in the wild (CVE-2021-35587)
A pre-authentication RCE flaw (CVE-2021-35587) in Oracle Access Manager (OAM) that has been fixed in January 2022 is being exploited by attackers in the wild, the Cybersecurity and Infrastructure Security Agency has confirmed by adding the vulnerabil.....»»
Update your Google Chrome Mac install now
There is another zero-day exploit for Chrome, and Google has issued a security update to fix the vulnerability that is being actively exploited.Google Chrome browserThe company is rolling out the update — 107.0.5304.121 — for Windows, Mac, and Li.....»»
Massive Twitter data breach was far worse than reported, reveal security researchers
A massive Twitter data breach last year, exposing more than five million phone numbers and email addresses, was worse than initially reported. We’ve been shown evidence that the same security vulnerability was exploited by multiple bad actors, and.....»»
Patch Google Chrome now to fix this emergency security flaw
Google Chrome patches high-severity zero-day vulnerability relating to a "heap buffer" overflow......»»
A flaw in ConnectWise Control spurred the company to make life harder for scammers
A vulnerability in popular remote access service/platform ConnectWise Control could have been leveraged by scammers to make compromising targets’ computers easier, Guardio researchers have discovered. By abusing the fully-featured 14-day trial.....»»
Chinese suppliers actively seeking second wind as they lose orders from Apple
Chinese smart device manufacturer GoerTek recently joined the likes of OFilm, AAC Technologies, and Lens Technology to become the latest Chinese supplier removed from Apple's supply chain. This wave of exodus has resulted in these suppliers actively.....»»
Cisco issues fixes for active exploits of its Windows VPN clients
Cisco is offering software updates for two of its AnyConnect for Windows products it says are actively being exploited in the field.AnyConnect for Windows is security software package, in this case for Windows machines, that sets up VPN connectivi.....»»