Pierluigi Paganini
April 15, 2022
Google Chrome 100.0.4896.127 addresses a new high-severity zero-day vulnerability tracked as CVE-2022-1364, actively exploited by threat actors in the wild. Google has released Chrome 100.0.4896.127 for Windows, Mac, and Linux to address a high-severity zero-day, tracked as CVE-2022-1364, that is actively exploited by threat actors in attacks. The CVE-2022-1364 zero-day is a type confusion issue […]
Pierluigi Paganini
March 31, 2022
Apple released emergency patches to address two zero-day vulnerabilities actively exploited to compromise iPhones, iPads, and Macs. Apple has released emergency security patches to address two zero-day vulnerabilities actively exploited to hack iPhones, iPads, and Macs. The first zero-day, tracked as CVE-2022-22674, is an out-of-bounds read issue that resides in the Intel Graphics Driver that could […]
Pierluigi Paganini
March 31, 2022
An unauthenticated zero-day RCE vulnerability in the Spring Core Java framework called ‘Spring4Shell’ has been publicly disclosed. Researchers disclosed a zero-day vulnerability, dubbed Spring4Shell, in the Spring Core Java framework called ‘Spring4Shell.’ An unauthenticated, remote attacker could trigger the vulnerability to execute arbitrary code on the target system. The framework is currently maintained by Spring.io […]
Pierluigi Paganini
March 25, 2022
Google addresses an actively exploited zero-day flaw with the release of Chrome 99.0.4844.84 for Windows, Mac, and Linux. Google fixed an actively exploited high-severity zero-day vulnerability with the release of Chrome 99.0.4844.84 for Windows, Mac, and Linux. Google has released Chrome 99.0.4844.84 for Windows, Mac, and Linux users to address a high-severity zero-day bug, tracked […]
Pierluigi Paganini
March 07, 2022
Mozilla fixed two critical actively exploited zero-day bugs in Firefox with the release of 97.0.2, ESR 91.6.1, Firefox for Android 97.3.0, and Focus 97.3.0. Mozilla has released Firefox 97.0.2, Firefox ESR 91.6.1, Firefox for Android 97.3.0, and Focus 97.3.0 to address a couple of critical zero-day vulnerabilities, tracked as CVE-2022-26485 and CVE-2022-26485, actively exploited in […]
Pierluigi Paganini
February 15, 2022
Google fixed a high-severity zero-day flaw actively exploited with the release of Chrome emergency update for Windows, Mac, and Linux. Google fixed a high-severity zero-day flaw, tracked as CVE-2022-0609, actively exploited with the release of Chrome emergency update for Windows, Mac, and Linux. This is the first Chome zero-day fixed this year by Google. The zero-day […]
Pierluigi Paganini
February 14, 2022
Adobe addressed a critical vulnerability (CVE-2022-24086) impacting Magento Open Source products that is being actively exploited in the wild. Adobe rolled out security updates to address a critical security vulnerability, tracked as CVE-2022-24086, affecting its Commerce and Magento Open Source products that is being actively exploited in the wild. “Adobe is aware that CVE-2022-24086 has […]
Pierluigi Paganini
February 12, 2022
Organizations are addressing zero-day vulnerabilities more quickly, compared to last year, Googleâs Project Zero reported. According to Googleâs Project Zero researchers, organizations are addressing zero-day vulnerabilities more quickly, compared to last year. Software vendors took an average of 52 days to address vulnerabilities reported from Project Zero while 3 years ago the average was of […]
Pierluigi Paganini
February 11, 2022
Apple addressed a new WebKit zero-day affecting iOS, iPadOS, macOS, and Safari that may have been actively exploited in the wild. Apple has addressed a zero-day vulnerability, tracked as CVE-2022-22620, in the WebKit affecting iOS, iPadOS, macOS, and Safari that may have been actively exploited in the wild. This is the third zero-day vulnerability fixed by the IT giant […]
Pierluigi Paganini
February 09, 2022
Microsoft February 2022 Patch Tuesday security updates addressed 51 flaws in multiple products, including a zero-day bug. Microsoft February 2022 Patch Tuesday security updates addressed 51 flaws in multiple products including Microsoft Windows and Windows Components, Azure Data Explorer, Kestrel Web Server, Microsoft Edge (Chromium-based), Windows Codecs Library, Microsoft Dynamics, Microsoft Dynamics GP, Microsoft Office […]
