Tag

Patching

All articles tagged with #patching

security1 day ago•8 min saved

AI-Fueled Bug Hunt Redraws the Security Patch Landscape

AI agents are increasingly autonomously finding software flaws and crafting exploits, upending bug-bounty economics as researchers log far more discoveries and attackers speed up development. Major programs are trimming or shifting payouts (Curl’s bounty ended; Google adjusted Chrome/Android rewards) and experts warn that faster zero-days and compressed disclosure windows could pressure quicker patches. The trend, including industry calls for structural defenses and architecture changes, suggests a future where human-led bug hunting remains essential but must be complemented by better-infrastructure that makes many bugs irrelevant.

via WIRED|

#ai #bug-bounty #cybersecurity

cybersecurity7 days ago•57 min saved

Millions at Risk as NGINX Zero-Day RCE Flaw Sees Real-World Exploitation

Security researchers say CVE-2026-42945, a heap buffer overflow in NGINX Open Source and NGINX Plus, is being actively exploited in the wild. The flaw can crash NGINX worker processes via crafted requests, with remote code execution possible only if ASLR is disabled and a specific rewrite configuration is present; despite ASLR generally enabled, estimates show up to 5.7 million internet-facing servers may be affected. Organizations should patch promptly, ensure ASLR remains enabled, and audit rewrite rules to mitigate risk while threat actors rapidly scan for vulnerable systems.

via CyberSecurityNews|

#cve-2026-42945 #cybersecurity #exploitation

security12 days ago•4 min saved

Fragnasia flaw could grant root on many Linux kernels

A high-severity Linux kernel local privilege-escalation flaw, Fragnasia (CVE-2026-46300), lets an unprivileged attacker write to the kernel page cache via the XFRM ESP-in-TCP subsystem to gain root; patches are rolling out for all affected kernels, and a PoC exists. Mitigations include removing vulnerable modules esp4, esp6, and rxrpc with modprobe.d, though this can disrupt AFS and IPsec VPNs. The bug is part of the Dirty Frag family; CISA has also flagged Copy Fail as actively exploited in the wild.

via BleepingComputer|

#kernel #linux #patching

security14 days ago•5 min saved

Linux Faces Second Major Kernel Flaw in Weeks: Dirty Frag Escalates Root Access Risk

Linux is hit by a second major kernel vulnerability in weeks, dubbed Dirty Frag, which chains two flaws to allow untrusted users to gain root access by manipulating page caches. Patches are rolling out from Debian, AlmaLinux, and Fedora, but many distributions haven’t yet applied fixes and a reboot may be required. The exploits target esp4/esp6 and rxrpc paths, with public PoCs and signs of limited in-the-wild activity. Administrators should apply patches and mitigations promptly, especially in shared environments or virtual machines, to prevent potential root compromise.

via Ars Technica|

#kernel #linux #patching

gaming2 months ago•2 min saved

Slay the Spire 2 patching explained: updates are experimental and non-permanent

Mega Crit explained their patching approach for Slay the Spire 2 in early access: changes are tested, not permanent, and driven by player feedback, collected metrics, and design philosophy. The beta branch is the most useful place to provide input while updates are expected to be ongoing for 1-2 years to balance the game toward the feel of Slay the Spire 1.

via Rock Paper Shotgun|

#beta-branch #early-access #gaming

cybersecurity2 months ago•53 min saved

Critical SQL Server zero-day lets attackers escalate to full admin control

Microsoft disclosed a critical zero-day in SQL Server (CVE-2026-21262) that enables an authenticated attacker to escalate to the sysadmin role via improper access control. The flaw has a CVSS v3.1 base score of 8.8 (Important) and is exploitable over the network with low complexity and no user interaction. While not yet observed in the wild, the disclosure lowers the barrier for exploits. Microsoft has released patches for SQL Server 2016–2025; administrators should urgently apply updates, audit permissions, restrict privileged access, and upgrade unsupported versions to receive future fixes.

via CyberSecurityNews|

#cve-2026-21262 #cybersecurity #patching

security3 months ago•2 min saved

CISA Flags Four Actively Exploited Flaws in KEV Update and Urges Patch

CISA added four flaws to the Known Exploited Vulnerabilities catalog due to active exploitation: CVE-2026-2441 (Chrome use-after-free), CVE-2024-7694 (TeamT5 ThreatSonar Anti-Ransomware arbitrary file upload leading to command execution), CVE-2020-7796 (Zimbra Collaboration Server SSRF), and CVE-2008-0015 (Windows Video ActiveX buffer overflow). Google confirms an in-the-wild exploit for CVE-2026-2441; GreyNoise documents about 400 IPs exploiting CVE-2020-7796 across several countries; the CVE-2008-0015 exploit can download additional malware like Dogkild and alter system files/hosts. The TeamT5 exploitation vector remains unclear. Federal agencies are urged to patch by March 10, 2026.

via The Hacker News|

#cisa #exploitation #kev

security3 months ago•5 min saved

BeyondTrust CVE-2026-1731 exploited in the wild; urgent patching and KEV updates

Threat actors are actively exploiting BeyondTrust CVE-2026-1731 (CVSS 9.9) in the wild by abusing get_portal_info to harvest the x-ns-company value before WebSocket setup, enabling unauthenticated remote code execution; BeyondTrust notes PRA v25.1+ do not require patching, while RS requires the BT26-02-RS patch (v21.3–25.3.1) and PRA patch (BT26-02-PRA, v22.1–24.X); watchTowr, GreyNoise/Defused Cyber, and Arctic Wolf report rapid activity and persistence attempts using SimpleHelp and PSexec; CISA added CVE-2026-1731 to KEV with federal patch deadlines by Feb 16, 2026, and KEV also lists other flaws (CVE-2026-20700, CVE-2025-15556, CVE-2025-40536, CVE-2024-43468).

via The Hacker News|

#beyondtrust #cisa-kev #cve-2026-1731

technology4 months ago•3 min saved

CISA Tightens Patch Deadline for Actively Exploited VMware vCenter RCE

CISA warns that the actively exploited VMware vCenter Server remote-code-execution flaw CVE-2024-37079 is being used in the wild and orders U.S. federal agencies to patch within three weeks, citing a DCERPC heap overflow that enables easy remote control with no user interaction. Broadcom notes there are no mitigations, advising immediate patches to the latest vCenter Server and Cloud Foundation releases.

via BleepingComputer|

#cisa #cve-2024-37079 #patching

technology6 months ago•9 min saved

Microsoft and Adobe Release Critical Security Patches for Multiple Vulnerabilities in November 2025

Microsoft's November 2025 Patch Tuesday addresses 63 vulnerabilities across its ecosystem, including one zero-day actively exploited in the wild, emphasizing the urgent need for immediate patch deployment to mitigate risks from critical flaws in Windows, Office, Azure, and other products.

via CyberSecurityNews|

#microsoft #patching #security-updates

technology9 months ago•2 min saved

Over 29,000 Exchange Servers Vulnerable to Critical Flaw, Urgent Mitigation Needed

Over 29,000 Microsoft Exchange servers remain unpatched against a high-severity vulnerability (CVE-2025-53786) that could allow attackers to escalate privileges and compromise entire domains, prompting urgent mitigation efforts by U.S. federal agencies and warnings for organizations worldwide.

via BleepingComputer|

#cve-2025-53786 #exchange-servers #federal-agencies

vulnerability-data-protection1 year ago•2 min saved

"Urgent: Patch SolarWinds Serv-U Vulnerability Amid Active Exploits"

A high-severity directory traversal vulnerability in SolarWinds Serv-U file transfer software (CVE-2024-28995) is being actively exploited, allowing attackers to read sensitive files. The flaw affects all versions up to Serv-U 15.4.2 HF 1 and has been patched in version 15.4.2 HF 2. Users are urged to update immediately to mitigate potential threats, as public proof-of-concept exploits make it easy for attackers to leverage this vulnerability.

via The Hacker News|

#cve-2024-28995 #cybersecurity #exploits

cybersecurity2 years ago•2 min saved

CISA Warns of Active Exploits in Apache Flink and NextGen Healthcare Flaws

A three-year-old improper access control bug in Apache Flink, CVE-2020-17519, is being actively exploited, prompting the US government to add it to the Known Exploited Vulnerabilities Catalog. Federal agencies must patch or stop using the software by June 13, and all users should ensure they are updated and check for potential compromises. The flaw allows attackers to read any file on the JobManager's local filesystem via the REST interface, and its exploitation underscores the critical need for timely software updates.

via The Register|

#apache-flink #cve-2020-17519 #cybersecurity

cyber-threat-network-security2 years ago•3 min saved

"Critical Security Patches Address Flaws in Cisco Unified Communications and Networking Products"

Cisco, Fortinet, and VMware have released critical security patches to address multiple vulnerabilities in their products, including CSRF attacks on Cisco Expressway Series, bypasses for a critical flaw in FortiSIEM supervisor, and moderate-to-important severity flaws in VMware Aria Operations for Networks. Organizations are urged to apply the patches promptly to mitigate the risks associated with these vulnerabilities.

via The Hacker News|

#cisco #cyber-threat-network-security #fortinet

cybersecurity2 years ago•1 min saved

"Urgent Patching: Critical Vulnerabilities Found in Citrix, VMware, and Atlassian Products"

CISA has directed U.S. federal agencies to address recently patched Citrix NetScaler and Google Chrome zero-day vulnerabilities, with a focus on fixing a Citrix remote code execution (RCE) bug within a week. Citrix has advised immediate patching of affected appliances, and CISA has mandated specific timelines for patching vulnerable devices within federal agencies. The cybersecurity agency has also urged all organizations, including private companies, to prioritize patching these security flaws.

via BleepingComputer|

#cisa #citrix #cybersecurity