Security
Headlines
HeadlinesLatestCVEs

Tag

#zero_day

CVE-2022-2319: Fix CVE-2022-2319, CVE-2022-2320 (!938) · Merge requests · xorg / xserver · GitLab

A flaw was found in the Xorg-x11-server. An out-of-bounds access issue can occur in the ProcXkbSetGeometry function due to improper validation of the request length.

CVE
Open in Source
#vulnerability#git#zero_day
Skyrocketing IoT Bug Disclosures Put Pressure on Security Teams

The expanding Internet of Things ecosystem is seeing a startling rate of vulnerability disclosures, leaving companies with a greater need for visibility into and patching of IoT devices.

Apple releases security update for iPhones and iPads to address vulnerability

Categories: News Tags: Apple Tags: iOS 12.5.6 Tags: webkit Tags: CVE-2022-32893 Apple has released a security update for iOS 12.5.6 to patch a remotely exploitable WebKit vulnerability that allows attackers to execute arbitrary code on unpatched devices. (Read more...) The post Apple releases security update for iPhones and iPads to address vulnerability appeared first on Malwarebytes Labs.

Apple Quietly Releases Another Patch for Zero-Day RCE Bug

Apple continues a staged update process to address a WebKit vulnerability that allows attackers to craft malicious Web content to load malware on affected devices.

Malwarebytes receives highest rankings in recent third-party tests

Categories: Business Malwarebytes Endpoint Protection continues to receive outstanding results in third-party testing: We're proud to have been one of the top-ranked security solutions by two highly-regarded industry evaluations, MRG-Effitas and Info-Tech’s Data Quadrant Report. (Read more...) The post Malwarebytes receives highest rankings in recent third-party tests appeared first on Malwarebytes Labs.

European Spyware Vendor Intellexa Offering Android, iOS Device Exploits

By Deeba Ahmed The proposal documents were leaked on a Russian hacking forum showing Intellexa is offering remote data extraction from Android and iOS devices in exchange for $8 million. This is a post from HackRead.com Read the original post: European Spyware Vendor Intellexa Offering Android, iOS Device Exploits

Command injection vulnerability in GitHub Pages nets bug hunter $4k

Exploit involved duping developers into exposing repositories with social engineering techniques

Interested in Reducing Your Risk Profile? Jamf Has a Solution for That

The threat landscape has changed dramatically over the past decade. While cybercriminals continue to look for new ways to gain access to networks and steal sensitive information, the mobile attack surface is also expanding. Mobile devices are not only becoming more powerful but also more vulnerable to cyberattacks, making mobile security an increasingly important concern for enterprises. This

New ODGen Tool Unearths 180 Zero-Days in Node.js Libraries

New graph-based tool offers a better alternative to current approaches for finding vulnerabilities in JavaScript code, they note.