16 Feb 2022

CISA Urges Organizations to Patch Recent Chrome, Magento Zero-Days

The United States Critical Infrastructure Security Agency added nine new entries to the Known Exploited Vulnerabilities Catalog, including two recently discovered zero-day exploits impacting Google Chrome browser, and Adobe Commerce and Magento.  The remainder of the catalog vulnerabilities were older, but with inclusion on the CISA list, federal agencies must

Read More
14 Feb 2022

Zero-Day Adobe Magento 2 RCE Bug Under Active Attack

On Sunday, Adobe issued an emergency fix for a zero-day that is being actively exploited by threat actors. The company advised eCommerce websites and companies alike to update its software as soon as possible in order to avoid Magecart card-skimming attacks and other further risks. The vulnerability lies in the

Read More
29 Jun 2021

Update your Adobe software now to fix these ‘critical’ threats

Adobe recently released an advisory for several critical vulnerabilities. Adobe has encouraged its users to upgrade their systems via a patch delivered by the company. The PDF services reader and Acrobat will be impacted by the series of out-of-band updates that fix the serious security vulnerabilities. The update addresses fourteen

Read More
12 May 2021

Adobe Issues Patch for Acrobat Zero-Day

Adobe released several patches, including one for Acrobat. The vulnerability with Acrobat is being exploited in limited attacks on Adobe Readers users with Windows. The CVE-2021-28550 zero-day vulnerability affects Windows and macOS systems. The exploitation of the flaw could allow arbitrary code execution.  43 patches for 12 of its products were

Read More
21 Oct 2020

Adobe releases another out-of-band patch, squashing critical bugs across creative software

Yesterday, Adobe released another out-of-band patch, occurring outside of the company’s typical monthly security fix release cycle. The updates impact Adobe Illustrator, Dreamweaver, Marketo, After Effects, Photoshop, Animate, Premiere Pro, and other popular applications on both Windows and macOS machines. The first app the tech giant patched was Illustrator, which

Read More
09 Sep 2020

Critical Adobe Flaws Allow Attackers to Run JavaScript in Browsers

As part of its regularly scheduled security updates, Adobe fixed five critical cross-site scriptings (XSS) flaws hidden in Adobe Experience Manager. The flaws could potentially allow threat actors to execute arbitrary JavaScript code in victims’ browsers. Experience Manager is a popular platform used to manage content for building websites, applications,

Read More
12 Aug 2020

Critical Adobe Acrobat and Reader Bugs Allow RCE

On Tuesday, Adobe patched several critical and important flaws related to CVEs in Acrobat and Adobe Reader. The fixes were part of the company’s regularly scheduled security updates. 11 holes in Acrobat and Reader ranked as critical have been patched. The now-fixed flaws could allow attackers to remotely execute code

Read More
22 Jul 2020

Adobe issues emergency fixes for critical vulnerabilities in Photoshop, Bridge, Prelude

Adobe rushed to publish emergency fixes for critical vulnerabilities the company became aware of just a week after issuing its standard monthly security update. Adobe published security advisories for another 13 vulnerabilities, 12 of which are classified as critical or high risk. The vulnerabilities lie in Adobe Photoshop, Bridge, and

Read More
23 Jun 2020

Adobe Prompts Users to Uninstall Flash Player As EOL Date Looms

Adobe is beginning to warn Flash Player users about the application’s end of life date (EOL), which is December 31, 2020. Adobe stated that it will begin to prompt users to uninstall the software over the next several months as the EOL approaches. After this date, Adobe will not sure

Read More
28 Oct 2019

7.5 Million Adobe Accounts Exposed by Security Blunder

A leaky database belonging to Adobe exposed the private data of 7.5 million customers, a security researcher recently discovered. The information that had been exposed for an unknown period of time, included customer email addresses, countries, member IDs as well as account and subscription information. The information could be used

Read More