Topic: security patches
-
iOS 26.3.1 Update: Bug Fixes and Studio Display Support
Apple has released iOS 26.3.1, a minor update focused on system stability, bug fixes, and adding support for new Studio Display monitors. The previous iOS 26.3 update introduced tools for switching from iPhone to Android and included privacy adjustments and security updates. Development is underw...
Read More » -
Cisco Patches 48 Firewall Flaws, Warns of Active SD-WAN Attacks
Cisco has issued critical patches for two actively exploited vulnerabilities in its Catalyst SD-WAN Manager, which could allow attackers to gain elevated system privileges. The company also fixed 48 flaws in its firewall products, including two maximum-severity issues: an authentication bypass an...
Read More » -
Pixel March 2026 Update: 16 Fixes for GPU, Battery & More
The March 2026 update for Pixel devices delivers system improvements and critical security patches, focusing on enhancing stability and fixing bugs across core components like Audio, Camera, and Battery. It addresses a total of 129 security vulnerabilities across two patches, ranging from High to...
Read More » -
FBI Warning: These Wi-Fi Routers Are Vulnerable
The FBI warns that outdated routers, especially those over a decade old without security updates, are highly vulnerable to cyberattacks and compromise personal data. Hackers exploit these unpatched routers to install malware, take control, and incorporate them into botnets for large-scale attacks...
Read More » -
Ivanti EPMM "sleeper" webshells pose hidden threat
A critical vulnerability (CVE-2026-1281) in Ivanti's EPMM platform is being actively exploited, with attackers implanting hidden, dormant backdoors that are difficult to detect. The exploitation campaign, linked to initial access brokers, has already compromised several high-profile organizations...
Read More » -
iOS 26.3 Update Focuses on Cross-Device Compatibility
Apple's latest software updates focus on stability, security, and improved cross-platform compatibility, introducing a new tool to migrate data from an iPhone to an Android device. The migration tool transfers core data like photos and messages, but excludes some information; its full functionali...
Read More » -
Urgent SolarWinds Web Help Desk Patch Fixes Critical RCE Flaws
SolarWinds has urgently patched multiple critical vulnerabilities in its Web Help Desk software, strongly advising all customers to immediately upgrade to version 2026.1 to mitigate risks like remote code execution. The critical flaws, discovered by external researchers, include authentication by...
Read More » -
Urgent iOS Update: Apple Issues Critical Warning To iPhone Users
Apple has released iOS 26.2.1, a priority update focused on fixing performance issues and adding support for the latest AirTag, aiming to stabilize the iOS 26 platform. The update follows a critical security patch in iOS 26.2 and is recommended by experts to maintain protection, even though it do...
Read More » -
Apple Updates Old iPhones to Keep iMessage & FaceTime Running
Apple has issued updates for older iPhones and iPads to refresh a security certificate, preventing iMessage and FaceTime from becoming unusable after its expiration in 2027. These updates target legacy operating systems like iOS 12, 15, and 16, extending support for devices as old as the iPhone 5...
Read More » -
Windows 11 Update KB5074109: Critical Security Fixes and Bug Alerts
The Windows 11 update KB5074109 provides critical security patches for 114 vulnerabilities and improves battery life for laptops with NPUs by fixing a power management flaw. It introduces several user experience enhancements, including a smarter File Explorer, expanded QR code sharing, and furthe...
Read More » -
Critical Fortinet Flaw Actively Exploited by Hackers
A critical, unauthenticated command injection vulnerability (CVE-2025-64155) in FortiSIEM versions 6.7 to 7.5 allows attackers to gain full system control. Active exploitation of this flaw is confirmed, and immediate patching to specified fixed versions or restricting access to TCP port 7900 is u...
Read More » -
Bluetooth Flaw Lets Hackers Track and Eavesdrop on You
A critical flaw named WhisperPair in Google's Fast Pair protocol allows attackers to forcibly pair with and take control of many Bluetooth headphones and earbuds, enabling audio eavesdropping and location tracking. The vulnerability exists because many manufacturers failed to implement a basic se...
Read More » -
Android 16 QPR3 Beta 2 Now Rolling Out to Pixel Phones
Google has released Android 16 QPR3 Beta 2 for Pixel devices, focusing on bug fixes and stability improvements ahead of a planned stable launch in March 2026. The update addresses critical issues including system crashes, battery charging limits being ignored, slow Wi-Fi speeds, and app compatibi...
Read More » -
iOS 26 Adoption Slows: Is Liquid Glass to Blame?
Initial reports severely undercounted iOS 26 adoption due to technical changes that broke third-party analytics tracking, not solely user dissatisfaction. The rollout is slower partly because iOS 26 dropped support for older iPhone models, reducing the pool of eligible devices from the start. Man...
Read More » -
Google Patches Actively Exploited Zero-Day Vulnerabilities
Google has released a critical Android security update patching over 100 vulnerabilities, including three severe flaws that are under active, targeted exploitation. Two high-severity information disclosure vulnerabilities (CVE-2025-48633 & CVE-2025-48572) can expose sensitive data or grant elevat...
Read More » -
Google Patches Actively Exploited Android Security Flaws
Google's December security update patches over 50 Android vulnerabilities, including two high-severity flaws in the Android Framework that are already being used in limited, targeted attacks. The two critical vulnerabilities (CVE-2025-48633 and CVE-2025-48572) could allow unauthorized access to s...
Read More » -
Beware the 'Pixnapping' Android Attack: What It Is & Why It Matters
Pixnapping is a new Android attack method that uses transparent screen layers to stealthily capture and reconstruct on-screen pixel data, including sensitive two-factor authentication codes. Google has released a partial patch to restrict the blur function enabling this exploit, but researchers f...
Read More » -
Is Your Asus Router Hacked? Check for China-State Cyber Threat
A state-sponsored group linked to China is behind the widespread compromise of end-of-life Asus routers, designated as the "WrtHug" campaign, affecting thousands of devices. The compromised routers are being used to create operational relay box (ORB) networks for covert espionage and intelligence...
Read More » -
Google's New Pixel Theme Packs Arrive on Play Store
Google has launched "Theme Packs" on the Play Store, enabling Pixel users to customize their device's appearance and sounds with one tap, including wallpapers, icons, and audio alerts. The app allows users to preview and select specific elements to apply, such as sounds or wallpapers, but the fea...
Read More » -
Google Pixel October 2025 Update Boosts Performance
Google is rolling out its October 2025 update for Pixel smartphones, focusing on performance improvements as confirmed by Verizon's documentation. The update is available for Pixel 7 through Pixel 10 series, with users able to manually check for it in their system settings. Despite the lack of of...
Read More » -
CISA Urges Immediate VMware Patch for Chinese Hacker Exploit
CISA has issued an urgent directive for U.S. government agencies to patch a critical VMware vulnerability (CVE-2025-41244) that allows privilege escalation to root level, requiring action within three weeks. The vulnerability is actively exploited by UNC5174, a Chinese state-sponsored group, whic...
Read More » -
Critical DNS Cache Poisoning Flaws Found in 2 Apps
Critical vulnerabilities in BIND and Unbound DNS software allow attackers to poison DNS caches and redirect users to fraudulent websites, with severity ratings up to 8.6. These flaws enable malicious actors to replace legitimate domain IP addresses with attacker-controlled ones, but security patc...
Read More » -
Over 266,000 F5 BIG-IP Systems Vulnerable to Remote Hacks
Over 266,000 F5 BIG-IP systems are exposed online and vulnerable to remote attacks following a security breach by nation-state hackers who stole source code and details about undisclosed flaws. F5 has released patches for 44 vulnerabilities and strongly urges immediate updates, while CISA mandate...
Read More » -
iOS 26.0.2 Update: What's New for Your iPhone
Apple is preparing to release the iOS 26.0.2 update, a minor follow-up to iOS 26, focused on refining performance and addressing user-reported issues. The update is expected to include bug fixes, security enhancements, and system optimizations, particularly to smooth out the new Liquid Glass inte...
Read More » -
Cl0p Gang Hits Oracle in Major Data Theft Campaign
The Cl0p ransomware gang exploited a zero-day vulnerability (CVE-2025-61882) in Oracle E-Business Suite to exfiltrate data and send extortion emails to victims in August 2025. Oracle issued a security advisory for the vulnerability, which allows unauthenticated remote attackers to execute code vi...
Read More » -
Critical Redis Flaw Exposes Thousands of Instances
A critical security vulnerability (CVE-2025-49844) in Redis allows authenticated attackers to execute remote code via a use-after-free flaw in Lua scripting, posing a severe risk to systems. The flaw affects a vast number of organizations due to Redis's widespread use in cloud environments, and i...
Read More » -
Akira Ransomware Bypasses MFA to Breach SonicWall VPNs
Akira ransomware is bypassing multi-factor authentication on SonicWall SSL VPN devices, likely using stolen OTP seeds to generate valid tokens despite security patches. Attackers exploit the CVE-2024-40766 vulnerability to steal credentials, which they reuse even on patched systems, gaining rapid...
Read More » -
Salesforce AgentForce Vulnerability: What You Need to Know
A critical vulnerability named ForcedLeak, rated 9.4 in severity, was discovered in Salesforce's AgentForce platform, allowing attackers to exfiltrate confidential CRM data through indirect prompt injection. The flaw highlights that autonomous AI agents like AgentForce create a larger attack surf...
Read More » -
Supermicro Motherboards Harbor Unremovable Malware
Supermicro motherboards have critical vulnerabilities allowing malware to be embedded so deep that standard removal methods fail, as attackers can remotely install malicious firmware before the operating system loads. The flaws include an incomplete patch for a prior high-severity issue and a sep...
Read More »