Intel patched 226 vulnerabilities in its products last year, according to data from the 2021 Product Security Report released by the chip giant on Thursday.
Intel Patched 226 Vulnerabilities in 2021
Critical Vulnerabilities Found in Sealevel Device Used in ICS Environments
Cisco’s Talos security researchers have published details on a series of critical vulnerabilities that Sealevel has addressed in the SeaConnect 370W WiFi-connected edge device.
Cisco Patches Critical Vulnerabilities in Small Business RV Routers
Cisco this week announced patches for multiple vulnerabilities in its Small Business RV160, RV260, RV340, and RV345 series routers, including critical bugs that could lead to the execution of arbitrary code with root privileges.
Trend Micro Patches Vulnerabilities in Hybrid Cloud Security Products
Trend Micro recently patched two high-severity vulnerabilities affecting some of its hybrid cloud security products. Details and proof-of-concept (PoC) exploits have been released by the researchers who found the flaws.
1,300 Malicious Packages Found in Popular npm JavaScript Package Manager
Malicious actors are using the npm registry as the start point for open source software (OSS) supply chain attacks.
Open source software offers huge potential for criminals and nation states to deliver widespread supply chain attacks. OSS registries provide a major feeding ground with easy access.
Cloudflare Launches Public Bug Bounty Program
Web performance and security services provider Cloudflare this week announced that its bug bounty program is now open to all vulnerability hunters on HackerOne.
Samba Patches Critical Flaws That Earned Researchers Big Rewards
The latest updates for Samba, the widely used interoperability suite that provides file and print sharing capabilities between Windows and Unix computers, patch critical vulnerabilities that earned researchers tens of thousands of dollars at a recent hacking contest.
ESET Patches High-Severity Vulnerability in Windows Applications
Antivirus firm ESET on Monday announced patches for a local privilege escalation vulnerability impacting its Windows clients.
Tracked as CVE-2021-37852 and reported to ESET by the Zero Day Initiative (ZDI), the vulnerability is considered “high severity,” as it could allow an attacker to misuse the AMSI scanning feature.
Google Patches 27 Vulnerabilities With Release of Chrome 98
Google on Tuesday announced the release of Chrome 98 in the stable channel with a total of 27 security fixes inside, including 19 for vulnerabilities reported by external researchers.
The most severe of these security defects could be exploited to execute arbitrary code with the same privileges as the Chrome browser has on the target system.
OpenSSF Alpha-Omega Project Tackles Supply Chain Security
Microsoft and Google are throwing their weight behind a new Linux Foundation OpenSSF initiative to address major security gaps in the open-source software ecosystem.
