The zero-day is tagged as CVE-2024-32896 and described as an elevation of privilege issue in Pixel Firmware.
The post Google Warns of Pixel Firmware Zero-Day Under Limited, Targeted Exploitation appeared first on SecurityWeek.
Microsoft Patches Zero-Click Outlook Vulnerability That Could Soon Be Exploited
Microsoft’s June 2024 Patch Tuesday updates resolve a zero-click Outlook vulnerability leading to remote code execution.
The post Microsoft Patches Zero-Click Outlook Vulnerability That Could Soon Be Exploited appeared first on SecurityWeek.
Ransomware Group May Have Exploited Windows Vulnerability as Zero-Day
The Black Basta ransomware gang may have exploited the Windows privilege escalation flaw CVE-2024-26169 before it was patched.
The post Ransomware Group May Have Exploited Windows Vulnerability as Zero-Day appeared first on SecurityWeek.
Fortinet Patches Code Execution Vulnerability in FortiOS
Fortinet has patched multiple vulnerabilities in FortiOS, including a high-severity code execution security flaw.
The post Fortinet Patches Code Execution Vulnerability in FortiOS appeared first on SecurityWeek.
Data Security Firm Cyberhaven Raises $88 Million at $488 Million Valuation
Data security company Cyberhaven has raised $88 million in a Series C funding round that brings the total to $136 million.
The post Data Security Firm Cyberhaven Raises $88 Million at $488 Million Valuation appeared first on SecurityWeek.
When Vendors Overstep – Identifying the AI You Don’t Need
AI models are nothing without vast data sets to train them and vendors will be increasingly tempted to harvest as much data as they can and answer any questions later.
The post When Vendors Overstep – Identifying the AI You Don’t Need appeared first on SecurityWeek.
GitHub Paid Out Over $4 Million via Bug Bounty Program
The code hosting platform GitHub has paid out more than $4 million since the launch of its bug bounty program 10 years ago.
The post GitHub Paid Out Over $4 Million via Bug Bounty Program appeared first on SecurityWeek.
Chrome 126, Firefox 127 Patch High-Severity Vulnerabilities
Google and Mozilla have released patches for 21 and 15 vulnerabilities in Chrome and Firefox, respectively.
The post Chrome 126, Firefox 127 Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
Ransomware Group Exploits PHP Vulnerability Days After Disclosure
The TellYouThePass ransomware gang started exploiting a recent code execution flaw in PHP days after public disclosure.
The post Ransomware Group Exploits PHP Vulnerability Days After Disclosure appeared first on SecurityWeek.
ICS Patch Tuesday: Advisories Published by Siemens, Schneider Electric, Aveva, CISA
Several ICS vendors released advisories on Tuesday to inform customers about vulnerabilities found in their industrial and OT products.
The post ICS Patch Tuesday: Advisories Published by Siemens, Schneider Electric, Aveva, CISA appeared first on SecurityWeek.
