Common Vulnerabilities and Exposures (CVE) stories - Page 6

Endor Labs reveals major security flaws in CocoaPods, threatening apps like Instagram and Uber. Critical CVEs could impact Swift and Objective-C supply chains.

Bitdefender and Netgear's new report reveals that 99.3% of IoT attacks exploit known vulnerabilities, highlighting the urgent need for timely updates and robust security measures.

BlackBerry's latest report reveals alarming rise in malware, with 3.1 million cyberattacks thwarted from Jan to Mar 2024—critical infrastructure, especially finance, severely hit.

Trend Micro identified 60% of the world's vulnerabilities in 2023, playing a crucial role in global cybersecurity, according to Omdia study.

Action1's 2024 Software Vulnerability Ratings Report provides CISOs and CIOs with key insights amid NVD delays, highlighting rising exploit rates and the critical need for timely data sharing.

Microsoft addresses 51 vulnerabilities in June 2024 Patch Tuesday, with one critical RCE for Windows, alongside patches for Office and SharePoint flaws.

WatchGuard Technologies' latest report reveals a stark contrast in malware trends: network detections halve, while endpoint attacks soar.

Hackers exploiting newly found vulnerability in Palo Alto's PAN-OS are using RedTail malware to enhance cryptomining operations, raising cybersecurity alarms.

A new vulnerability in GitHub Enterprise Server allowing attackers to bypass authentication has raised alarms over supply chain attacks, urging immediate software updates.

Rapid7's 2024 Attack Intelligence Report highlights a sharp rise in zero-day vulnerabilities causing mass breaches and underscores the necessity for faster patching and robust MFA protocols.

Microsoft's Patch Tuesday addresses 59 CVEs, including one critical and three zero-days, with notable exploits in DWM Core and MSHTML surfaces.

Microsoft's May 2024 Patch Tuesday addresses 61 vulnerabilities, including three zero-days. Two critical RCE flaws and browser patches are also highlighted.

Cato Networks exposes systemic cybersecurity gaps in inaugural threat report, revealing insecure protocols employed across WAN by all examined organisations.

ForAllSecure reveals new AI-powered tool, Mayhem, a dynamic software bill of materials tool that proactively battles exploitable application vulnerabilities.

Virtual Network Computing (VNC) was the most targeted remote desktop tool in the past year, clouds over a new Barracuda data report.

Azul broadens its Intelligence Cloud to all OpenJDK JVMs and Oracle JDK, utilising production Java data to enhance developer productivity and identify vulnerabilities.

Sevco Security further evolves asset protection by prioritising, automating and validating exposure issues resolution with its upgraded platform, aiding cyber risk management for businesses.

BeyondTrust's 2024 Microsoft Vulnerabilities Report shows Elevation of Privilege (EoP) dominating the vulnerability class for a fourth year.

Cyber security firm, Cado Security, uncovers revelations about a Linux variant of Cerber ransomware exploiting vulnerabilities in Confluence servers using the CVE-2023-22518 exploit.

In response to rising AI-driven cyber threats, Darktrace is repositioning to a platform-based strategy aimed at better equipping businesses to anticipate and counter these advanced cyber attacks.