Some of Asus' popular mid-range and high-end routers have been found to be vulnerable to remote code execution and code injection attacks. Check the full list of routers and the firmware patches here.
Windows 11 build 23545 fixes a number of File Explorer bugs and more
windows 11 insider preview
Security vulnerability RSS
Microsoft and Intel have cautioned about a recent security vulnerability affecting 7th Gen, 8th Gen, 9th Gen, 10th Gen, and 11th Gen chips. This security vulnerability is called Downfall or GDS.
A security threat research team had notified Microsoft about several major security vulnerabilities in its PowerShell Gallery. The flaws remain even after the tech giant claimed they were fixed.
Microsoft had warned about a kernel patch that could break something on the system. However, two months since, it has pushed that update enabling it by default via the latest Patch Tuesday.
CrowdStrike has shared details on Spyboy Terminator EDR killer. It is one of the EDRs, alongside the likes of Microsoft Defender, Avast, and more, that can be disabled by the evasion tool.
Microsoft recently began patching UEFI bootkit vulnerabilities with this month's Patch Tuesday update. The company has now released a helpful guide about blocking such Windows boot managers.
Microsoft has released details on how it plans to protect against unsupported, unpatched, vulnerable Exchange Servers. The tech giant says that it will throttle and eventually block such mails.
An AMD fTPM side channel security flaw dubbed "faulTPM" has been discovered by researchers. This security bug can even bypass BitLocker and it affects modern Windows 11-supported Ryzen chips.
Microsoft has issued PowerShell scripts for multiple security vulnerabilities on Windows 11 and Windows 10. These are for speculative side channel attack CPU flaws, thirteen in total.
Microsoft has published some helpful guidance against the BlackLotus UEFI bootkit vulnerability that can bypass Secure Boot, VBS, BitLocker, Windows Defender, and more to infect updated Windows PCs.
Microsoft has released a couple of PowerShell scripts to address a BitLocker bypass security vulnerability issue. In its bulletin, the company has explained the differences between the two scripts.
BlackLotus, which is a bootkit, has been doing the rounds on the internet since last year. This bootkit is capable of bypassing Secure Boot, disabling BitLocker, Microsoft Defender, and more.
AMD has advised users to update Ryzen Master as it was vulnerable to a high severity flaw. This follows the earlier report today where the company's CPUs have begun exhibiting fTPM stutters on Linux.
Microsoft has formally announced that it has deprecated MSDT and its related troubleshooters. The company has explained in a document how the retirement is going to be a gradual phase out.
CISA has released a data recovery script dubbed "ESXiArgs-Recover" in order to help users who have been affected by the massive worldwide ESXiArgs ransomware server attacks on VMWare's vSphere.
A security researcher recently discovered serious vulnerabilities in Google Home smart speakers that could allow an attacker to install a "backdoor" account on the device and gain remote access.
Microsoft Defender, AVG, Avast, and more, were found vulnerable to a new zero-day security exploit through which harmless files, even system files, could be deleted using the anti-virus.
AMD has shared details about a Spectre Variant 2 vulnerability that affects almost all AMD Ryzen, Athlon, and EPYC systems. The security flaw is patched in the latest Patch Tuesday updates.
ESET has discovered another set of security vulnerabilities on Windows 11 and 10 Lenovo laptops. These allow attackers to disable Secure Boot. A list of vulnerable device models has been published.
Today, Microsoft has issued important security fixes to address DoS vulnerabilities affecting .NET Core and Visual Studio. The patches are available via .NET 6.0.9 and .NET Core 3.1.29.
HP has warned that it has discovered a new high severity privilege escalation vulnerability inside its own Support Assistant software utility. The company has also issued a fix for the security flaw.
Twitter's former head of security, Peiter Zatko, alleged in a whistleblower complaint that Twitter has major security problems that pose a threat to its own users' personal information.
Apple has released small updates for its iPhone, iPad, and Mac devices. macOS 12.5.1, iOS 15.6.1, and iPadOS 15.6.1 address security vulnerabilities that exist within the Kernel and WebKit.
Modern Intel processors consisting of 10th Gen, 11th Gen and 12th Gen CPUs have been found to be vulnerable to a new "ÆPIC" security flaw. The vulnerability is able to exploit Intel's APIC MMIO.
AMD Zen-based processors with Simultaneous Multi-threading (SMT) like Ryzen, Threadripper, EPYC, and Athlon CPUs have been found to be vulnerable to a new “SQUIP” side-channel attack.
Microsoft's Threat Intelligence Center (MSTIC) claims it caught an Austrian company selling spyware called Subzero. The malware relied on zero-day vulnerabilities, which have been patched.
QNAP has issued a patch of a security vulnerability that could affect certain configurations of its NAS Drives. The flaw resides in PHP that deals with FPM. It can allow remote code execution.
Several Intel CPUs from different generations have been found to be susceptible to new processor vulnerabilities related to MMIO Stale Data. Microsoft and Intel have published advisories about it.
Microsoft released two small updates for the Chromium-based Edge browser over the weekend. The latest update addresses a bug that prevented PDF files from being printed using the browser.
Following the recent Follina security vulnerability, another Microsoft Support Diagnostic Tool (MSDT) bug has been found called "DogWalk". This one too has been ignored by Microsoft at first glance.
Nearly all Android smartphones and devices packing MediaTek or Qualcomm with a Security Patch dated prior to December 2021 remain vulnerable to an RCE security bug that can allow eavesdropping.
Several popular Lenovo consumer models, including IdeaPad, Legion, and more, have been found to be vulnerable to UEFI firmware security bugs. The vulnerabilities can lead to privilege of escalation.
The infamous Hafnium group which successfully targeted on-premises Microsoft Exchange servers is now going after Windows using Tarrask malware which evades detection by cleaning its activities.
Google has released Chrome v99.0.4844.84 to the Stable Channel. The update for the web browser is available for all desktop OSes and includes a security fix for a vulnerability rated 'High'.
An unofficial patch for a Windows LPE security vulnerability under "CVE-2021-34484" is out, one that was supposedly fixed by Microsoft via its Patch Tuesday updates twice, but apparently not.
Intel and ARM are vulnerable to the Spectre-BHB flaw, but AMD is apparently troubled by Spectre v2, which it should have fixed back in 2018. AMD has now issued a new fix for the CVE-2017-5715 bug.
Mozilla has released Firefox v97.0.2. It's an out-of-band security update to patch two "Critical" security flaws that are being exploited in the wild. These 0-Days rely on the 'Use-after-free' bug.
Linux is a lot safer than Windows, macOS, and others because open-source programmers are racing to fix security vulnerabilities in record time, claim security researchers at Google's Project Zero.
Firmware security research firm Binarly has revealed that it discovered nearly two dozen vulnerabilities in InsydeH2O UEFI used by several vendors like Microsoft, Intel, Dell, HP, and more.
ESET has released updated builds for a whole bunch of its products on Windows. These updated product builds fix a local privilege escalation (LPE) vulnerability that the firm learned about last year.