Spring4shell Java RCE ZeroDay in Spring
A zero-day vulnerability was found in the popular Java Web App development framework Spring likely puts a wide variety of Web apps at risk of remote attack. The vulnerability dubbed…
Google Fixes Chrome ZeroDay
Google has released Chrome 99.0.4844.84 for Windows, Mac, and Linux users to address a high severity zero day bug, tracked CVE-2022-1096, exploited in the wild. The CVE-2022-1096 vulnerability is a…
Mozilla Fixes Zero days in Firefox
Mozilla has published Firefox 97.0.2, an out-of-band update that closes two bugs that are officially listed as critical. Mozilla reports that both of these holes are already actively being exploited, making…
XSS ZeroDay in Horde Webmail
A zero-day cross-site scripting (XSS) vulnerability in Horde webmail client could allow an attacker to steal a victim’s emails and infiltrate their network, researchers warn. Researchers revealed that the client…
Extensis Portfolio Flaws ! RCE, Zero Days
Researchers from White Oak Security have disclosed critical vulnerabilities including a zero-day flaw that’s yet to be patched in Extensis Portfolio that cumulatively has a user-facing main content management application,…
Magento Zero Day patch Bypassed
Adobe has announced new patches for the Commerce and Magento e-commerce platforms after researchers discovered that a fix for an actively exploited zero-day can be bypassed. Adobe informed Commerce and…
Google Patches Critical Zero Day in Chrome !
Google has released Chrome 98.0.4758.102 for Windows, Mac, and Linux, to fix a high-severity zero-day vulnerability used by threat actors in attacks. Attackers commonly exploit use after free bugs to…
Apple Released Patches to Address Web-Kit ZeroDay
Apple has released security updates to macOS, iOS, and iPadOS to address a zero-day vulnerability in the WebKit browser engine that attackers may already have used in the wild. The…