Latest about Vulnerability
GitHub launches private vulnerability reporting to secure the software supply chain
News The new platform aims to simplify vulnerability disclosure and minimise instances where researchers avoid reporting out of personal convenience
OpenSSL 3.0 vulnerability: Patch released for security scare
News The severity has been downgraded from 'critical' to 'high' and comparisons to Heartbleed have been quashed
Major security exploits expected to rise before New Year
News Supply chain attacks are also expected to increase, along with affiliate programmes becoming more popular
Second-ever OpenSSL critical vulnerability teased, 10 years after Heartbleed
News All OpenSSL versions beyond 3.0 are at risk, with more details due to be released alongside a patch on 1 November
Apple patches actively exploited iPhone, iPad zero-day and 18 other security flaws
News The out-of-bounds write error is the eighth actively exploited zero-day impacting Apple hardware this year and could facilitate kernel-level code execution
Undetectable PowerShell backdoor discovered hiding as Windows update
News SafeBreach researchers identified the backdoor, which they say went undetected on all major antivirus programs
Office 365's encryption feature can be easily hacked, warns WithSecure
News Researchers advise enterprises to move away from Office 365 Message Encryption, claiming its messages can be decrypted without a key
Fortinet reiterates call to mitigate against active zero-day, as customers delay fixes
News A large number of customers have yet to apply mitigations necessary to avoid the critical vulnerability
