Palo Alto bug used for DDoS attacks and there's no fix yet There goes the weekend... Security12 Aug 2022 | 5
Warning! Critical flaws found in US Emergency Alert System DEF CON may be about to blow lid off security hole Patches05 Aug 2022 | 14
VMware patches critical 'make me admin' auth bypass bug, plus nine other flaws Meanwhile, a security update for rsync Patches03 Aug 2022 | 1
FileWave fixes bugs that left 1,000+ orgs open to ransomware, data theft Internet-connected MDM instances, each with an 'unrestricted number' of managed devices, were vulnerable Security27 Jul 2022 | 5
How a botched kernel patch broke Ubuntu – and why it may happen again Panic! at the distro OSes08 Jul 2022 | 41
How refactoring code in Safari's WebKit resurrected 'zombie' security bug Fixed in 2013, reinstated in 2016, exploited in the wild this year Research21 Jun 2022 | 14
Apple patched critical flaws in macOS Monterey but not in Big Sur nor Catalina About 35-40% of iGiant's desktop OS installs potentially vulnerable, says Intego Patches06 Apr 2022 | 69
Adobe warns of second critical security hole in Adobe Commerce, Magento As sanctioned Russian infosec firm says it has working exploit code Security18 Feb 2022 | 19
VMware patches critical guest-to-host vulnerabilities Time to fix code like it's 2020 Virtualization17 Feb 2022 | 3
Microsoft patches Y2K-like bug that borked on-prem Exchange Server Happy New Year. Welcome back! Now apply this patch – which Microsoft warns isn't easy – if you want email to work Software03 Jan 2022 | 33
Expired cert breaks Windows 11 snipping tool, emoji panel, S Mode features, other stuff And we're talking about shipped code, not some Insider beta, here OSes04 Nov 2021 | 64
Patch now? Why enterprise exploits are still partying like it's 1999 Feature Am I only dreaming, or is this burning an Eternal Blue? Security08 Sep 2021 | 28
SolarWinds issues software update – one it wrote for a change – to patch hole exploited in the wild 'Single threat actor' already abusing RCE flaw, Microsoft reports Security12 Jul 2021 | 9
Apple patches macOS flaw exploited by malware to secretly snap screenshots Bug can also be abused to record audio and video, access files – and iOS, iPadOS updated, too Security24 May 2021 | 12
Microsoft says Outlook hit by 'email visibility issues' – as in, they're blank Here's an unofficial fix for those who need their messages now Applications12 May 2021 | 18
Partial beer print horror as Microsoft's printer bug fix, er, doesn't Updated Bugs, patchually: Just when you thought it was safe to print from Windows Software18 Mar 2021 | 82
Now it is F5’s turn to reveal critical security bugs – and the Feds were quick to sound the alarm on these BIG-IP flaws Remote code execution, denial of service, API abuse possible. Meanwhile, FBI pegs China for Exchange hacks Security11 Mar 2021 | 11
As the world descends into madness, it's good to see some things never change: Monthly Android patches Qualcomm bugs among the worst – including a critical hole in wireless networking Security04 Aug 2020 | 16
You, Apple Mac fan. Put down the homemade oat-milk latte, you need to patch a load of security bugs, too Patch Thursday is for you, Patch Tuesday is for everyone else OSes28 May 2020 | 6
How to make a stranger's insecure 3D printer halt-and-catch-fire – plus more alerts from infosec world Roundup San Francisco Airport websites hacked, VMware patches emitted, etc Security13 Apr 2020 | 24
Oi, Cisco! Who left the 'high privilege' login for Smart Software Manager just sitting out in the open? Critical fix for static credential headlines latest patch rollout Security19 Feb 2020 | 9
Updated your WordPress plugins lately? Here are 320,000 auth-bypassing reasons why you should Another day, another critical set of flaws Security15 Jan 2020 | 20
ATTK of the Pwns: Trend Micro's antivirus tools 'will run malware – if its filename is cmd.exe' Video Try not to save files to your Windows PC called cmd.exe or regedit.exe Security21 Oct 2019 | 28
Cisco cleans up critical flaws, Florida city forks out $600k to ransomware scumbags, and more from infosec land Roundup Your quick guide to what else has been happening in computer security lately Security24 Jun 2019 | 7
Awoogah! Awoogah! Firefox fans urged to update and patch zero-day hole exploited in the wild by miscreants Just make sure you're running the latest version Security18 Jun 2019 | 41
Sophos antivirus tools. Working Windows box. Latest Patch Tuesday fixes. Pick two: 'Puters knackered by bad combo Updated Two weeks and no sign of a proper solution, Avast and McAfee affected, too OSes24 Apr 2019 | 66
Cisco whispers the three little words to really get an ASR 9000 net admin's blood pumping: Remote unauthenticated access Critical patch available now for those with vulnerable kit Networks18 Apr 2019 | 8
We don't know whether 737 Max MCAS update is coming or Boeing: Anti-stall safety fix delayed Airlines will have to wait few more weeks to get new code as engineers need more time Software02 Apr 2019 | 106
Security storm brewing for Oracle Java-powered smart cards: More than a dirty dozen flaws found, fixes... er, any fixes? Vuln hunters warn malicious applets can bust through protections, snoop on or hijack access gizmos Security22 Mar 2019 | 37
Bad cup of Java leaves nasty taste in IBM Watson's 'AI' mouth: Five security bugs to splat in analytics gear Worst brew than that time El Reg went on a road trip and stopped at a Denny's Security18 Mar 2019 | 4
Just a reminder: We're still bad at securing industrial controllers Moxa boxes caught using plain text passwords and insecure web apps Security11 Mar 2019 | 15
Behold… a WinRAR security bug that's older than your child's favorite YouTuber. And yes, you should patch this hole Bet all two of you who paid to activate your copy are feeling a little cheesed off at this 14-year-old undetected flaw Security20 Feb 2019 | 23
Oh Snapd! Gimme-root-now security bug lets miscreants sock it to your Ubuntu boxes Get an update, or risk giving a dodgy user or malware an upgrade OSes14 Feb 2019 | 56
Fun fact: GPS uses 10 bits to store the week. That means it runs out... oh heck – April 6, 2019 Nav gadgets will be Gah, Properly Screwed if you don't or can't update firmware On-Prem12 Feb 2019 | 302
Heads up: Debian's package manager is APT for root-level malware injection... Fix out now to thwart MITM hijacks Disable redirects before applying update OSes22 Jan 2019 | 35
Old bugs, new bugs, red bugs … yes, it's Oracle mega-update day again Out of 284 flaws, 33 are rated critical. Big Red admins have big patches ahead Security18 Jan 2019 | 2
Got a Drupal-powered website? You may want to get patching now... Open-source CMS gets a pair of critical fixes Security18 Jan 2019 | 8
Intel's Software Guard caught asleep at its post: Patch out now for SGX give-me-admin hole Chipzilla adds to Windows IT admins security update load Security14 Jan 2019 | 2
Microsoft pulls Office 2010 updates because they're big in Japan. As in, big pain in the ASCII Software performance tweaks have opposite effect Software08 Jan 2019 | 12
Open-source devs: Wget off your bloated festive behinds and patch this user cred-blabbing bug New year, new CVE Security02 Jan 2019 | 10
You better watch out, you better not cry. Better not pout, I'm telling you why: SQLite vuln fixes are coming to town May your days be merry and bright, and may you all go patch your SQLite Security18 Dec 2018 | 13
Hot fuzz: Bug detectives whip up smarter version of classic AFL fuzzer to hunt code vulnerabilities Flaw-spotting toolkit already has 42 zero-days to its name Security28 Nov 2018 | 3
If at first you don't succeed, you may well be Cisco: WebEx patch needs its own patch Updated Switchzilla has a second go at fixing videoconferencing app's 'I'm the captain, now' hole Software27 Nov 2018 | 2
If you're using Dell EMC Avamar, even in VMware's vSphere, you need to grab and install these security updates Unless you want your private key to leak, watch miscreants inject commands, etc Security21 Nov 2018 | 1
Did you hear? There's a critical security hole that lets web pages hijack computers. Of course it's Adobe Flash's fault The internet's screen door strikes again – so get patching OSes20 Nov 2018 | 42
I found a security hole in Steam that gave me every game's license keys and all I got was this... oh nice: $20,000 Sorry kids, it was patched weeks ago by Valve Security09 Nov 2018 | 38
Vulns in online shopping toolkit WooCommerce can blast a hole in your WordPress security Updated Rogue managers can seize control of web shops Security07 Nov 2018 | 3
Android fans get fat November security patch bundle – if the networks or mobe makers are kind enough to let 'em have it And Apple fixes Watch-killing security patch of its own Security06 Nov 2018 | 14
The D in Systemd stands for 'Dammmmit!' A nasty DHCPv6 packet can pwn a vulnerable Linux box Hole opens up remote-code execution to miscreants – or a crash, if you're lucky OSes26 Oct 2018 | 128
What a crane in the ass: Bug leaves construction machinery vulnerable to evil command injection Builders warned over Telecrane remote control radio vuln Security25 Oct 2018 | 12
Haven't updated your Adobe PDF software lately? Here's 85 new reasons to do it now Acrobat, Reader get patched up against dozens of new holes Security02 Oct 2018 | 47
Apple's dark-horse macOS Mojave is out (and it's already pwned) Wardle claims to topple privacy protections in new OS – which comes with security fixes OSes24 Sep 2018 | 45
NUUO, do not want! CCTV webcams can be hacked to spy on you Owners told to lock down network access to panned surveillance kit Edge + IoT17 Sep 2018 | 7
Docker fave Alpine Linux suffers bug miscreants can exploit to poison containers Now that's poetic, Justicz: Update apk and images now OSes15 Sep 2018 | 7
Cisco loses focus over TelePresence blurry videoconferencing bug You had one job, Precision 40 Software12 Sep 2018 | 3
When is a patch not a patch? When it's for this McAfee password bug Vulnerability still open to all despite multiple fixes Security11 Sep 2018 | 11
Safari, Edge fans: Is that really the website you think you're visiting? URL spoof bug blabbed Egghead says Apple has yet to patch spoofing vulnerability Security11 Sep 2018 | 13
Now that's a fortune cookie! Facebook splats $5k command-injection bug in one of its servers Find flaw, report flaw, fix flaw, get paid. Bish, bash, bosh Security24 Aug 2018 | 7
Well, can't get hacked if your PC doesn't work... McAfee yanks BSoDing Endpoint Security patch Don't install August update, world+dog warned Security24 Aug 2018 | 29
Oracle: Run, don't walk, to patch this critical Database takeover bug Flaw in House Larry's flagship product allows 'complete compromise' of servers Databases14 Aug 2018 | 11
Hey, you know what a popular medical record system doesn't need? 23 security vulnerabilities Get patching after team gets under the skin of OpenEMR Security07 Aug 2018 | 17