Urgent Chrome Update Released to Patch Actively Exploited Zero-Day Vulnerability – Tempemail

Google on Friday rolled out an emergency security patch to its Chrome web browser to address a security flaw that’s known to have an exploit in the wild. Tracked as CVE-2021-37973, the vulnerability has been described as use after free in Portals API, a web page navigation system that enables Continue Reading

Urgent Apple iOS and macOS Updates Released to Fix Actively Exploited Zero-Days – Tempemail

Apple on Thursday released security updates to fix multiple security vulnerabilities in older versions of iOS and macOS that it says have been detected in exploits in the wild, in addition to expanding patches for a previously plugged security weakness abused by NSO Group’s Pegasus surveillance tool to target iPhone Continue Reading

Apple Issues Urgent Updates to Fix New Zero-Day Linked to Pegasus Spyware – Tempemail

Apple has released iOS 14.8, iPadOS 14.8, watchOS 7.6.2, macOS Big Sur 11.6, and Safari 14.1.2 to fix two actively exploited vulnerabilities, one of which defeated extra security protections built into the operating system. The list of two flaws is as follows – CVE-2021-30858 (WebKit) – A use after free Continue Reading

Pulse Secure VPNs Get New Urgent Update for Poorly Patched Critical Flaw – Tempemail

Pulse Secure has shipped a fix for a critical post-authentication remote code execution (RCE) vulnerability in its Connect Secure virtual private network (VPN) appliances to address an incomplete patch for an actively exploited flaw it previously resolved in October 2020. “The Pulse Connect Secure appliance suffers from an uncontrolled archive Continue Reading

Apple Releases Urgent 0-Day Bug Patch for Mac, iPhone and iPad Devices – Tempemail

Apple on Monday rolled out an urgent security update for iOS, iPadOS, and macOS to address a zero-day flaw that it said may have been actively exploited, making it the thirteenth such vulnerability Apple has patched since the start of this year. The updates, which arrive less than a week Continue Reading

‘Urgent need’ for age restrictions on TikTok vaping videos, Australian study finds | E-cigarettes- Tempemail

Australian researchers who have studied the portrayal of vaping on TikTok say there is an “urgent need” for age restrictions to reduce teens’ exposure to videos that portray it in a positive light. University of Queensland researchers have analysed e-cigarette content posted by TikTok users globally and are calling for Continue Reading

Apple Issues Urgent Patches for 2 Zero-Day Flaws Exploited in the Wild – Tempemail

Apple on Monday shipped out-of-band security patches to address two zero-day vulnerabilities in iOS 12.5.3 that it says are being actively exploited in the wild. The latest update, iOS 12.5.4, comes with three security fixes, including a memory corruption issue in the ASN.1 decoder (CVE-2021-30737) and two flaws concerning the Continue Reading

Apple Releases Urgent Security Patches For Zero‑Day Bugs Under Active Attacks – Tempemail

Apple on Monday released security updates for iOS, macOS, and watchOS to address three zero-day flaws and expand patches for a fourth vulnerability that the company said might have been exploited in the wild. The weaknesses all concern WebKit, the browser engine which powers Safari and all third-party web browsers Continue Reading

Apple Issues Urgent Patch Update for Another Zero‑Day Under Attack – Tempemail

Merely weeks after releasing out-of-band patches for iOS, macOS, and watchOS, Apple has released yet another security update for iPhone, iPad, Apple Watch to fix a critical zero-day weakness that it says is being actively exploited in the wild. Tracked as CVE-2021-1879, the vulnerability relates to a WebKit flaw that Continue Reading

URGENT — 4 Actively Exploited 0-Day Flaws Found in Microsoft Exchange – Tempemail

Microsoft has released emergency patches to address four previously undisclosed security flaws in Exchange Server that it says are being actively exploited by a new Chinese state-sponsored threat actor with the goal of perpetrating data theft. Describing the attacks as “limited and targeted,” Microsoft Threat Intelligence Center (MSTIC) said the Continue Reading