SAP, a German software maker, has announced the release of nine new security notes. The security patches were released as part of the company’s November Security Patch day, which includes fixes for two critical bugs. The critical flaws lie in BusinessObjects and SAPUI5. Additionally, the company released updates to two

During this month’s Patch Tuesday, Microsoft released a relatively low number of security updates to fix flaws plaguing its products, however, six of the patches are flaws being actively exploited in the wild. According to Microsoft, one of these flaws is called “ProxyNotShell” and lies in the Microsoft Exchange Server.

Uber has reportedly been breached again after a threat actor claimed to have accessed its email and cloud systems as well as its internal Slack account and HackerOne tickets. The attack was announced last week and could have major effects on the ride-share company. The hacker allegedly sent screenshots to

The Cybersecurity and Infrastructure Security Agency (CISA) has recently added six previously identified flaws to its Known Exploited Vulnerabilities Catalog. The addition was made last week, and the vulnerabilities are a frequent attack vector for threat actors, the agency stated. The CISA also noted that the flaws, although old, post

Security researchers at Binarly have reportedly uncovered six high-severity firmware vulnerabilities. The vulnerabilities were detected over the course of the past year and were first revealed at the Black Hat 2022 conference. The flaw affect HP EliteBook devices and range in severity scores from 7.5 to 8.2. The attacker could

The Cybersecurity and Infrastructure Security Agency (CISA) has urged IT administrators and users to implement recent updates released by Google as soon as possible to avoid the risk of an attacker leveraging several flaws that were patched in the update. Google released security updates for the Chrome browser on Mac,

Multiple sources have confirmed the discovery of a total of 56 vulnerabilities in OT products from 10 vendors, including popular companies Honeywell, Siemens, and Emerson. According to security researchers, most of the vulnerabilities are due to a lack of basic security mechanisms such as authentication and encryption. In addition, researchers

Google has released a new version of Chrome, Chrome 102, that contains 32 security fixes applying to Windows, Mac, and Linux devices. The vulnerabilities were allegedly reported to Google by external researchers and consist of one critical flaw, eight high severity, nine medium severity, and seven low severity. In addition

VMware has released a security advisory urging its customers to update their software to resolve critical vulnerabilities. One of the vulnerabilities present in VMware’s current software could allow for remote code execution in Workspace ONE Access. Other products impacted include VMware Identity Manager, VMware vRealize Automation, VMware Cloud Foundation, and

SAP has been working around the clock to patch apps vulnerable to the Log4Shell flaw, releasing 21 fixes in its Patch Tuesday update. SAP has identified 32 different apps that have been affected by the critical vulnerability, which lies in the Apache Log4j Java-based jogging library that has been under