Seven of the security defects have a maximum severity rating of 10/10 and could lead to arbitrary code execution.
The post Adobe Patches Critical ColdFusion, Campaign Classic Vulnerabilities appeared first on SecurityWeek.
Seven of the security defects have a maximum severity rating of 10/10 and could lead to arbitrary code execution.
The post Adobe Patches Critical ColdFusion, Campaign Classic Vulnerabilities appeared first on SecurityWeek.
Citrix urges customers to patch NetScaler after fixing six vulnerabilities, including the HTTP/2 Bomb flaw and a high-severity CitrixBleed-style information disclosure bug.
The post Citrix Patches NetScaler Vulnerabilities, Including New ‘HTTP/2 Bomb’ Attack appeared first on SecurityWeek.
The updates fix vulnerabilities in WebKit, the kernel, WebRTC, Web Extensions, and other components affecting iPhone, iPad, Mac, and Safari users.
The post Apple Patches Dozens of Vulnerabilities Across iOS, macOS, and Safari appeared first on SecurityWeek.
Fifteen of the newly patched flaws have been rated ‘critical’ and 67 have been rated ‘high severity’.
The post Google Patches 382 Chrome Vulnerabilities appeared first on SecurityWeek.
The Microsoft Defender vulnerability CVE-2026-33825 was exploited in the wild as a zero-day before patches were released.
The post BlueHammer Vulnerability Exploited in Ransomware Attacks appeared first on SecurityWeek.
Decades-old Bash shell tricks can bypass safeguards in most open source AI coding agents, potentially turning malicious repositories into supply chain attack vectors.
The post Decades-Old Bash Tricks Expose AI Coding Agents to Supply Chain Attacks appeared first on SecurityWeek.
The critical-severity defect allows unauthenticated attackers to take over the E-Business Suite’s Payments product.
The post Exploitation of Recent Oracle E-Business Suite Vulnerability Begins appeared first on SecurityWeek.
The threat actor is focused on collecting credentials, SSH keys, cryptocurrency wallets, and development tooling.
The post Critical SimpleHelp Vulnerability Exploited for Malware Delivery appeared first on SecurityWeek.
CISA has published an advisory to inform organizations about three vulnerabilities found by a researcher in Daktronics controllers.
The post New Controller Flaws Expose Highway Signs and Billboards to Remote Hacking appeared first on SecurityWeek.
A variant of DirtyFrag, the flaw allows unprivileged local users to manipulate the Linux page cache and gain root privileges.
The post ‘DirtyClone’ Linux Kernel Vulnerability Leads to Root Access appeared first on SecurityWeek.