April 19, 2024

U.S. CISA has added the following five new issues to its Known Exploited Vulnerabilities Catalog:

  • CVE-2019-8526 – Apple macOS Use-After-Free Vulnerability. The CVE-2019-8526 flaw has been exploited by the DazzleSpy backdoor in watering hole attacks aimed at politically active individuals in Hong Kong. The issue was used to dump iCloud Keychain if the macOS version is lower than 10.14.4.
  • CVE-2023-2033 – Google Chromium V8 Engine Type Confusion Vulnerability. The CVE-2023-2033 flaw is the first Chrome zero-day vulnerability addressed by Google in 2023. It did not disclose details of the attacks exploiting this vulnerability. It will not provide bug details and links until a majority of users have updated their installs.

CISA orders federal agencies to fix this flaw by May 8, 2023.

Tags:

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

You may have missed

HashiCorp Critical Vulnerability – CVE-2024-3817

April 18, 2024

Cisco Integrated Management Controller Vulnerabilities

April 18, 2024

Windows Kernel Vulnerability – CVE-2024-21338 PoC Exploit Released

April 17, 2024

Cisco Duo Identify Data Breach

April 17, 2024

Tanium new Automate Feature

April 16, 2024

Patch released CVE-2024-3400 added to KEV Catalog

April 16, 2024

Discover more from TheCyberThrone

Subscribe now to keep reading and get access to the full archive.

Continue reading