Category: SecurityWeek

SolarWinds has announced patches for a critical-severity remote code execution vulnerability in Access Rights Manager.

The post SolarWinds Patches Critical Vulnerability in Access Rights Manager appeared first on SecurityWeek.

The Ivanti Cloud Service Appliance vulnerability CVE-2024-8190 has been exploited in the wild, with attacks starting just days after disclosure.

The post Ivanti CSA Vulnerability Exploited in Attacks Days After DIsclosure appeared first on SecurityWeek.

Apple said there’s “too significant a risk” of exposing the anti-exploit work needed to fend off the very adversaries involved in the case.

The post Apple Suddenly Drops NSO Group Spyware Lawsuit appeared first on SecurityWeek.

Microsoft is revamping how anti-malware tools interact with the Windows kernel to avoid another CrowdStrike faulty update catastrophe. 

The post Post-CrowdStrike Fallout: Microsoft Redesigning EDR Vendor Access to Windows Kernel appeared first on SecurityWeek.

Noteworthy stories that might have slipped under the radar: a possible Adobe Reader zero-day, researchers mistakenly hijack .mobi TLD, and an exploited WhatsApp View Once bypass.

The post In Other News: Possible Adobe Reader Zero-Day, Hijacking Mobi TLD, WhatsApp View Once Exploit appeared first on SecurityWeek.

Apple has released a patch for Vision Pro after researchers showed how an attacker can obtain passwords typed by looking at keys.

The post Apple Patches Vision Pro Vulnerability to Prevent GAZEploit Attacks appeared first on SecurityWeek.

The recently observed Hadooken malware targeting Oracle WebLogic applications is linked to multiple ransomware families.

The post New ‘Hadooken’ Linux Malware Targets WebLogic Servers appeared first on SecurityWeek.

A joint report from the Committees on China and Homeland Security warns of the security risks posed by Chinese cranes in US ports.

The post House Report Shows Chinese Cranes a Security Risk to US Ports appeared first on SecurityWeek.

The designation of UK data centers as Critical National Infrastructure strengthens cyber defenses, but a proposed £3.75B data center on protected Green Belt land sparks debate.

The post UK Data Centers Gain Critical Infrastructure Status, Raising Green Belt Controversy appeared first on SecurityWeek.

A 17-year-old from England has been arrested by the NCA over the recent cyberattack on Transport for London.

The post UK Teen Arrested Over Transport for London Hack appeared first on SecurityWeek.