CISA catalog passes 1,000 known-to-be-exploited vulnerabilities. Celebration time, or is it?

Categories: Exploits and vulnerabilities

Categories: News

Tags: CISA

Tags: KEV

Tags: catalog

Tags: vulnerabilities

Tags: prioritize

The CISA Known Exploited Vulnerabilities catalog has grown to cover more than 1,000 vulnerabilities since its launch in November 2021.

(Read more…)

The post CISA catalog passes 1,000 known-to-be-exploited vulnerabilities. Celebration time, or is it? appeared first on Malwarebytes Labs.

Read more

Update now! Apple patches vulnerabilities on iPhone and iPad

Categories: Exploits and vulnerabilities

Categories: News

Tags: Apple

Tags: iOS

Tags: iPad

Tags: 17.0.3

Tags: CVE-2023-42824

Tags: CVE-2023-5217

Apple has issued an emergency update to patch two vulnerabilities, including an actively exploited one.

(Read more…)

The post Update now! Apple patches vulnerabilities on iPhone and iPad appeared first on Malwarebytes Labs.

Read more

Pegasus spyware and how it exploited a WebP vulnerability

Categories: Android

Categories: Apple

Categories: Exploits and vulnerabilities

Tags: Pegasus

Tags: spyware

Tags: nso

Tags: webp

Tags: libwebp

Tags: buffer overflow

The company behind the infamous Pegasus spyware used a vulnerability in almost every browser to plant their malware on victim’s devices.

(Read more…)

The post Pegasus spyware and how it exploited a WebP vulnerability appeared first on Malwarebytes Labs.

Read more

Child health data stolen in registry breach

Categories: Exploits and vulnerabilities

Categories: News

Categories: Ransomware

Tags: MOVEit

Tags: vulnerability

Tags: Cl0p

Tags: ransomware

Tags: BORN

Tags: NSC

Tags: privacy

Tags: identity theft

Canadian healthcare organization Better Outcomes Registry & Network (BORN) has disclosed a data breach affecting client data.

(Read more…)

The post Child health data stolen in registry breach appeared first on Malwarebytes Labs.

Read more

Emergency update! Apple patches three zero-days

Categories: Exploits and vulnerabilities

Categories: News

Tags: Apple

Tags: emergency

Tags: update

Tags: CVE-2023-41991

Tags: CVE-2023-41992

Tags: CVE-2023-41993

Apple has released patches for three zero-day vulnerabilities that may have been actively exploited.

(Read more…)

The post Emergency update! Apple patches three zero-days appeared first on Malwarebytes Labs.

Read more

The mystery of the CVEs that are not vulnerabilities

Categories: Business

Categories: Exploits and vulnerabilities

Categories: News

Tags: CVE

Tags: NVD

Tags: vulnerabilities

Tags: CVE-2020-19909

Researchers have raised the alarm about a large set of CVE for older bugs that never were vulnerabilities.

(Read more…)

The post The mystery of the CVEs that are not vulnerabilities appeared first on Malwarebytes Labs.

Read more

ThemeBleed exploit is another reason to patch Windows quickly

Categories: Exploits and vulnerabilities

Categories: News

Tags: theme

Tags: themepack

Tags: Microsoft

Tags: cve-2023-38146

Tags: msstyles

An exploit has been released for a vulnerability in .themes that was patched in the September 2023 Patch Tuesday update.

(Read more…)

The post ThemeBleed exploit is another reason to patch Windows quickly appeared first on Malwarebytes Labs.

Read more