Please turn on your JavaScript for this page to function normally.
Patch Tuesday
March 2024 Patch Tuesday: Microsoft fixes critical bugs in Windows Hyper-V

On this March 2024 Patch Tuesday, Microsoft has released fixes for 59 CVE-numbered vulnerabilities, but – welcome news! – none of them are currently publicly known …

Cisco
Cisco patches Secure Client VPN flaw that could reveal authentication tokens (CVE-2024-20337)

Cisco has fixed two high-severity vulnerabilities affecting its Cisco Secure Client enterprise VPN and endpoint security solution, one of which (CVE-2024-20337) could be …

patch Tuesday
March 2024 Patch Tuesday forecast: A popular framework updated

UPDATE: March 12, 3:55 PM ET – March 2024 Patch Tuesday: Microsoft fixes critical bugs in Windows Hyper-V We’re almost at our third Patch Tuesday and wrapping up the …

VMware
VMware patches critical flaws in ESXi, Workstation, Fusion and Cloud Foundation

VMware has fixed four vulnerabilities (CVE-2024-22252, CVE-2024-22253, CVE-2024-22254, CVE-2024-22255) in ESXi, Workstation, Fusion and Cloud Foundation, some of which could …

Apple
Apple fixes two actively exploited iOS zero-days (CVE-2024-23225, CVE-2024-23296)

Apple has fixed two iOS zero-day vulnerabilities (CVE-2024-23225, CVE-2024-23296) exploited by attackers in the wild. CVE-2024-23225 and CVE-2024-23296 On Tuesday, Apple …

TeamCity JetBrains
Critical vulnerabilities in TeamCity JetBrains fixed, release of technical details imminent, patch quickly! (CVE-2024-27198, CVE-2024-27199)

JetBrains has fixed two critical security vulnerabilities (CVE-2024-27198, CVE-2024-27199) affecting TeamCity On-Premises and is urging customers to patch them immediately. …

Critical ConnectWise ScreenConnect vulnerabilities fixed, patch ASAP!

UPDATE (February 22, 2024, 05:40 a.m. ET): Now designated as CVE-2024-1709 and CVE-2024-1708, the vulnerabilities are under active exploitation. Go here for up-to-date …

QNAP
QNAP fixes OS command injection flaws affecting its NAS devices (CVE-2023-47218, CVE-2023-50358)

QNAP Systems has patched two unauthenticated OS command injection vulnerabilities (CVE-2023-47218, CVE-2023-50358) in various versions of the operating systems embedded in the …

Fortinet
Critical Fortinet FortiOS flaw exploited in the wild (CVE-2024-21762)

Fortinet has patched critical remote code execution vulnerabilities in FortiOS (CVE-2024-21762, CVE-2024-23313), one of which is “potentially” being exploited in …

patch tuesday
February 2024 Patch Tuesday forecast: Zero days are back and a new server too

UPDATE: February 13, 14:55 ET – February 2024 Patch Tuesday is live. January 2024 Patch Tuesday is behind us. A relatively light release from Microsoft with 39 CVEs …

JetBrains TeamCity
On-premises JetBrains TeamCity servers vulnerable to auth bypass (CVE-2024-23917)

JetBrains has patched a critical authentication bypass vulnerability (CVE-2024-23917) affecting TeamCity On-Premises continuous integration and deployment servers. About …

Mastodon
Lagging Mastodon admins urged to patch critical account takeover flaw (CVE-2024-23832)

Five days after Mastodon developers pushed out fixes for a remotely exploitable account takeover vulnerability (CVE-2024-23832), over 66% of Mastodon servers out there have …

Don't miss

Cybersecurity news