June Patch Tuesday digs into 67 bugs
An extremely Windows-heavy month, with a surprise cameo by… Sophos?!
An extremely Windows-heavy month, with a surprise cameo by… Sophos?!
Related
Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation
Cybersecurity researchers have disclosed three security flaws in Planet Technology’s WGS-804HPT industrial switches that could be chained to achieve pre-authentication remote code execution on susceptible devices. “These switches are widely used in building and home automation systems for a variety of networking applications,” Claroty’s Tomer Goldschmidt said in a Thursday report. “An attacker
Lazarus Group Targets Web3 Developers with Fake LinkedIn Profiles in Operation 99
The North Korea-linked Lazarus Group has been attributed to a new cyber attack campaign dubbed Operation 99 that targeted software developers looking for freelance Web3 and cryptocurrency work to deliver malware. “The campaign begins with fake recruiters, posing on platforms like LinkedIn, luring developers with project tests and code reviews,” Ryan Sherstobitoff, senior vice president…
Critical Bugs Could Spark Takeover of Widely Used Fire Safety OT/ICS Platform
The unpatched security vulnerabilities in Consilium Safety’s CS5000 Fire Panel could create “serious safety issues” in environments where fire suppression and safety are paramount, according to a CISA advisory.
Middle East, North Africa Security Spending to Top $3B
Gartner projects IT security spending in the MENA region will continue to increase in 2025, with security services accounting for the most growth.
Google ‘ImageRunner’ Bug Enabled Privilege Escalation
Tenable released details of a Google Cloud Run flaw that prior to remediation allowed a threat actor to escalate privileges.
Adaptive, Agentic AI Worms Loom as Next Enterprise Threat
AI worms, or “viruses with wings and brains,” adapt to new environments, seek out vulnerabilities, and will likely strike within a year, researchers say.