Tag: update
-
Windows and Linux users: The deadline to update Secure Boot keys is near
What you need to know about the expiration of keys securing your machine’s boot sequence. First seen on arstechnica.com Jump to article: arstechnica.com/security/2026/06/windows-and-linux-users-the-deadline-to-update-secure-boot-keys-is-near/
-
Microsoft working on patch for RoguePlanet Defender zero-day (CVE-2026-50656)
Microsoft has acknowledged the local elevation of privilege issue in Microsoft Defender that can be triggered via the >>RoguePlanet<>working … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/17/rogueplanet-zero-day-cve-2026-50656/
-
Sapphire Sleet macOS Malware Abuses curlosascript Execution for Multi-Stage Payload Delivery
Sapphire Sleet’s latest macOS campaign uses crafted .scpt AppleScript lures that pipe curl output directly to osascript, enabling a compact, multi-stage payload chain that executes entirely within Script Editor and evades many built”‘in macOS protections. The infection begins with a socially engineered lure fake SDK or update AppleScript files such as Zoom SDK Update.scpt or…
-
CISA orders feds to patch max severity Joomla plugin flaw by Friday
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch a maximum-severity flaw in the Widget Factory Joomla Content Editor (JCE) plugin that is being actively exploited in the wild. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-max-severity-joomla-plugin-flaw-by-friday/
-
Microsoft working on Defender patch for RoguePlanet zero-day
Microsoft confirmed that it’s working on a security patch for a Defender zero-day vulnerability named “RoguePlanet,” disclosed one week ago. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-working-on-defender-patch-for-rogueplanet-zero-day/
-
Komplett neue Einstellungen – Firefox 152 erstrahlt teilweise in neuem Glanz
Firefox 152 mit dem neuen Update eine überarbeitete Einstellungsoberfläche, neue Funktionen für Tabs sowie Verbesserungen beim Datenschutz. First seen on computerbase.de Jump to article: www.computerbase.de/news/apps/komplett-neue-einstellungen-firefox-152-erstrahlt-teilweise-in-neuem-glanz.97953
-
Komplett neue Einstellungen – Firefox 152 erstrahlt teilweise in neuem Glanz
Firefox 152 mit dem neuen Update eine überarbeitete Einstellungsoberfläche, neue Funktionen für Tabs sowie Verbesserungen beim Datenschutz. First seen on computerbase.de Jump to article: www.computerbase.de/news/apps/komplett-neue-einstellungen-firefox-152-erstrahlt-teilweise-in-neuem-glanz.97953
-
Critical Chrome Flaws Let Attackers Execute Arbitrary Code Update Immediately
Google has released an urgent Chrome security update addressing multiple critical vulnerabilities that could allow attackers to execute arbitrary code on affected systems. The update, now rolling out to users globally, upgrades Chrome to version 149.0.7827.155/.156 for Windows and macOS and 149.0.7827.155 for Linux. Security researchers and enterprise defenders are strongly advised to apply the…
-
Google Juni-Update schließt CVE-2025-48595 im Android Framework – Aktiv ausgenutzte Android-Lücke gefährdet alle aktuellen Versionen
First seen on security-insider.de Jump to article: www.security-insider.de/android-cve-2025-48595-zero-day-rechteausweitung-juni-update-a-963aae9d95187c7646a53e48f7ca3a69/
-
Google Juni-Update schließt CVE-2025-48595 im Android Framework – Aktiv ausgenutzte Android-Lücke gefährdet alle aktuellen Versionen
First seen on security-insider.de Jump to article: www.security-insider.de/android-cve-2025-48595-zero-day-rechteausweitung-juni-update-a-963aae9d95187c7646a53e48f7ca3a69/
-
AI’s constant patching treadmill can be a security problem
The breakneck speed of model releases may be creating short, silent security gaps as developers must choose between performance and security, according to a new report. First seen on cyberscoop.com Jump to article: cyberscoop.com/claude-code-security-vulnerabilities-ai-patches-backslash-security/
-
iRhythm Hit by Cyberattack, Patient Data Stolen and Ransom Demanded
iRhythm disclosed a cyberattack via third-party apps where patient and proprietary data was stolen, followed by a ransom demand. iRhythm Technologies is a U.S.-based digital healthcare company specializing in remote cardiac monitoring and arrhythmia detection. Its best-known product is the Zio, a wearable patch that continuously records a patient’s heart rhythm for up to several…
-
ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures
Cybersecurity researchers have flagged multiple ClickFix campaigns that deliver three malware loaders called BabaDeda Loader, Lorem Ipsum Loader, and Potemkin, per independent reports from Morphisec, BlueVoyant, and Huntress, respectively.Attacks involving BabaDeda Loader, observed in April 2026, have targeted education and financial organizations.”Earlier BabaDeda activity was known for First seen on thehackernews.com Jump to article: thehackernews.com/2026/06/clickfix-campaigns-expand-malware.html
-
It’s time to update incident response for the AI era
Your latest cybersecurity incident might not be a threat actor, but an internal AI agent doing what it’s authorized to do. Incident response must evolve to accommodate AI. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366644312/Its-time-to-update-incident-response-for-the-AI-era
-
It’s time to update incident response for the AI era
Your latest cybersecurity incident might not be a threat actor, but an internal AI agent doing what it’s authorized to do. Incident response must evolve to accommodate AI. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366644312/Its-time-to-update-incident-response-for-the-AI-era
-
Notfall-Update Tails 7.8.1 schließt CVE-2026-43503 – Kernel-Lücke Dirty Frag bedroht Anonymität von Tails-Nutzern
First seen on security-insider.de Jump to article: www.security-insider.de/tails-7-8-1-dirty-frag-cve-2026-43503-anonymitaet-a-b1120eebb202da8a4967f781fd987dd9/
-
Der nachlässige Umgang mit den eigenen digitalen Daten
Jede und jeder Zehnte erstellt nie Backups. Nur 43 Prozent installieren angebotene Software-Updates meist sofort. Ob Updates, Backups oder Zugriffsrechte viele Menschen in Deutschland gehen mit der Sicherheit ihrer digitalen Geräte und Daten eher nachlässig um. Nur rund 4 von 10 Internetnutzenden (39 Prozent) erstellen häufig Backups, also digitale Sicherheitskopien ihrer Daten. Weitere… First seen…
-
Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw
Cisco has released security updates for a medium-severity security flaw in Catalyst SD-WAN Manager that has come under active exploitation in the wild.The vulnerability, tracked as CVE-2026-20262, carries a CVSS score of 6.5 out of 10.0.”A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker…
-
Why CISA’s 3-day patching mandate misses the point
First seen on scworld.com Jump to article: www.scworld.com/perspective/why-cisas-3-day-patching-mandate-misses-the-point
-
Cisco fixes SD-WAN vManage flaw exploited in zero-day attacks
Cisco has released security updates to address a vulnerability in the Catalyst SD-WAN Manager, tracked as CVE-2026-20262, that was exploited in attacks to escalate to root privileges. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisco-fixes-sd-wan-vmanage-flaw-exploited-in-zero-day-attacks/
-
Windows 11 Update Causes System Freezes, Triggers BitLocker Recovery, and Breaks OneDrive
Windows 11 cumulative update KB5094126, released on June 9, 2026, for builds 26200.8655 and 26100.8655, is triggering a wave of user reports about system freezes, forced BitLocker recovery screens, and broken OneDrive integration in File Explorer on some devices. While Microsoft positions the patch as a critical security and reliability update, early feedback suggests serious…
-
Microsoft’s workplace check-in via Wi-Fi tracks who’s in the office, and not everyone’s happy
Microsoft is rolling out workplace check-in via Wi-Fi for Teams and Microsoft Places. Connect to your office network and your in-office presence updates automatically, no … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/15/microsoft-teams-workplace-wi-fi-check-in/
-
Von Backups bis Updates Umfrage zur Datensicherheit bei deutschen Internet-Nutzern
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/backups-updates-umfrage-datensicherheit-deutsche-internet-nutzer
-
Splunk Urges Immediate Patching of Critical Flaw Enabling Arbitrary File Operations
A newly disclosed security vulnerability in Splunk Enterprise has prompted urgent patching efforts after researchers revealed that the flaw could allow unauthenticated attackers to perform arbitrary file operations and potentially achieve remote code execution. The issue, identified as CVE-2026-20253, affects certain versions of Splunk Enterprise and carries a critical CVSS score of 9.8. First seen on thecyberexpress.com Jump to article:…
-
Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication
Splunk has released security updates to address a critical security flaw in Splunk Enterprise that could be exploited to conduct unauthenticated file operations and even remote code execution.The vulnerability, tracked as CVE-2026-20253, is rated 9.8 on the CVSS scoring system.”In Splunk Enterprise versions below 10.2.4 and 10.0.7, an unauthenticated user could create or truncate arbitrary…
-
The FCC Wants to Kill Burner Phones
Plus: AI bug hunting fuels Microsoft’s biggest-ever Patch Tuesday, ShinyHunters ransomware gang exploits an Oracle zero-day, and more. First seen on wired.com Jump to article: www.wired.com/story/security-news-this-week-the-fcc-wants-to-kill-burner-phones/
-
CISA gives agencies 3 days to patch maximum severity Ivanti vulnerability
First seen on scworld.com Jump to article: www.scworld.com/news/cisa-gives-agencies-3-days-to-patch-maximum-severity-ivanti-vulnerability
-
CISA gives agencies 3 days to patch maximum severity Ivanti vulnerability
First seen on scworld.com Jump to article: www.scworld.com/news/cisa-gives-agencies-3-days-to-patch-maximum-severity-ivanti-vulnerability
-
Siemens Desigo CC patch files falsely flagged as malware
First seen on scworld.com Jump to article: www.scworld.com/brief/siemens-desigo-cc-patch-files-falsely-flagged-as-malware