VMware addresses security flaws discovered during Tianfu Cup Pwn Contest
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here VMware addressed vulnerabilities in ESXi, Workstation, Fusion, and Cloud Foundation, few months after the discovery of these bugs by participants at Tianfu Cup Pwn Contest. VMware has rated some of these vulnerabilities as important, …
First zero-day vulnerability of Google Chrome this year actively exploited in wild
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here Google released a stable channel update for their Chrome browser that contains a zero-day vulnerability and is actively being exploited-in-wild. This is the first zero-day bug reported in Chrome browser this year. A Use-After-Free …
Threat Campaign by Molerats uses NimbleMamba Malware to target Middle East
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here An APT group Molerats associated with Gaza has launched a new threat campaign using a malware NimbleMamba aimed at Middle Eastern governments, foreign policy think tanks, and even a state-owned airline. The current attack …
Critical Magento zero-day vulnerability actively exploiting multiple e-commerce websites
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here Adobe issued an emergency advisory informing Adobe Commerce and Magento Open-Source product users of a critical zero-day vulnerability that is being actively exploited in the wild. A zero-day vulnerability which has been assigned CVE-2022-24086 …
Multiple vulnerabilities affect Mozilla Firefox and Firefox ESR
THREAT LEVEL: Green. For a detailed advisory, download the pdf file here Mozilla has issued two security advisories, which addresses 13 security issues in Firefox and Firefox ESR. Four of the thirteen have been rated as high, and some of these vulnerabilities, if successfully exploited, might …
Multiple security vulnerabilities identified in Adobe
THREAT LEVEL: Green. For a detailed advisory, download the pdf file here Adobe addressed 17 security flaws in Premiere Rush, Photoshop, Illustrator, After Effects, and Creative Cloud Desktop. According to Adobe, none of the vulnerabilities have been exploited so far. Successful exploitation of these five vulnerabilities …
Zero-day vulnerability in WebKit affects Apple macOS
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here A third zero-day vulnerability has been identified since the latest zero-day bugs discovery in macOS Monterey in the year 2022. This flaw impacts the WebKit component, which is a cross-platform web browser engine that …
Critical remote code execution vulnerabilities in WordPress PHP everywhere Plugin
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here Three critical remote code execution (RCE) vulnerabilities in a WordPress plugin PHP everywhere have been discovered. It is a plugin that allows web developers to utilize PHP code in pages, posts, the sidebar, or …
Google Chrome affected by high severity vulnerabilities
THREAT LEVEL: Green. For a detailed advisory, download the pdf file here Google has released Chrome 98 as a stable channel for Windows, Mac, and Linux. This update addresses 19 security vulnerabilities. Eight of them are rated severity high, ten of them are medium and one …
Microsoft Patch Tuesday addresses a zero-day vulnerability in Windows Kernel
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here Microsoft addressed 51 vulnerabilities in the February 2022 patch Tuesday release, one of which was classified as a zero-day vulnerability. A remote attacker could exploit some of these vulnerabilities to gain control of a …