Google patches “in-the-wild” Chrome zero-day – update now!

By Paul Ducklin — July 5^th 2022 at 15:55

Running Chrome? Do the "Help-About-Update" dance move right now, just to be sure...

Naked Security

S3 Ep86: The crooks were in our network for HOW long?! [Podcast + Transcript]

By Paul Ducklin — June 9^th 2022 at 13:07

Latest episode - listen (or read) now!

Naked Security

Atlassian announces 0-day hole in Confluence Server – update now!

By Paul Ducklin — June 3^rd 2022 at 18:59

Zero-day announced - here's what you need to know

Naked Security

Mysterious “Follina” zero-day hole in Office – here’s what to do!

By Paul Ducklin — May 30^th 2022 at 23:01

News has emerged of a "feature" in Office that has been abused as a zero-day bug to run evil code. Turning off macros doesn't help!

Naked Security

Apple patches zero-day kernel hole and much more – update now!

By Paul Ducklin — May 17^th 2022 at 09:30

You'll find fixes for numerous kernel-level code execution holes, including an 0-day vulnerability in many (though not all) versions.

Naked Security

GitHub issues final report on supply-chain source code intrusions

By Paul Ducklin — April 29^th 2022 at 16:15

Learn how to find out which apps you've given access rights to, and how to revoke those rights immediately in an emergency.

Naked Security

Apple pushes out two emergency 0-day updates – get ’em now!

By Paul Ducklin — March 31^st 2022 at 23:38

More Apple zero-days - mobile devices, laptops and desktops affected. Update now!

apple-1200

Naked Security

Google Chrome patches mysterious new zero-day bug – update now

By Paul Ducklin — March 28^th 2022 at 14:18

CVE-2022-1096 - another mystery in-the-wild 0-day in Chrome... check your version now!

Naked Security

Firefox patches two actively exploited 0-day holes: update now!

By Paul Ducklin — March 5^th 2022 at 19:06

Firefox just published a double-zero-day patch - "remote code execution" combined with "sandbox escape". Update now!

Naked Security

Google announces zero-day in Chrome browser – update now!

By Paul Ducklin — February 15^th 2022 at 19:17

Zero-day buses: none for a while, then three at once. Here's Google joining Apple and Adobe in "zero-day week"

Naked Security

Adobe fixes zero-day exploit in e-commerce code: update now!

By Paul Ducklin — February 14^th 2022 at 22:38

There's a remote code execution hole in Adobe e-commerce products - and cybercrooks are already exploiting it.

Naked Security

S3 Ep68: Bugs, scams, privacy …and fonts?! [Podcast + Transcript]

By Paul Ducklin — February 3^rd 2022 at 16:20

Latest episode - listen now!

Naked Security

Check your patches – public exploit now out for critical Exchange bug

By Paul Ducklin — November 23^rd 2021 at 14:36

It was a zero-day bug until Patch Tuesday, now there's an anyone-can-use-it exploit. Don't be the one who hasn't patched.

Naked Security

Apple ships Monterey with security updates, fixes 0-day in Watch and TV products, updates iDevices

By Paul Ducklin — October 27^th 2021 at 22:16

A slew of security bulletins from Apple HQ, including 37 bugs listed as fixed in the initial public release of macOS Monterey.

Naked Security

S3 Ep54: Another 0-day, double Apache patch, and Fight The Phish [Podcast]

By Paul Ducklin — October 14^th 2021 at 18:33

Latest episode - listen now!