SAP Patches Critical Vulnerability in ECC and S/4HANA Products
German enterprise software maker SAP on Tuesday announced the release of 16 new security notes as part of its July 2023 Security Patch Day. In…
Category: SecurityWeek
Former Security Engineer Arrested for $9 Million Crypto Exchange Hack
The US today announced the arrest of Shakeeb Ahmed on charges related to the defrauding of a decentralized cryptocurrency exchange in 2022. Ahmed, 34, of…
Microsoft Warns of Office Zero-Day Attacks, No Patch Available
Russian spies and cybercriminals are actively exploiting still-unpatched security flaws in Microsoft Windows and Office products, according to an urgent warning from the world’s largest…
Apple’s Rapid Security Response Patches Are Breaking Websites
Apple has pulled its latest Rapid Security Response updates for iOS and macOS after users complained that they could no longer access some websites. The…
Adobe Patch Tuesday: Critical Flaws Haunt InDesign, ColdFusion
Software maker Adobe on Tuesday called attention to critical security flaws in its InDesign and ColdFusion products, warning that the defects expose users to malicious…
SaaS Application Security Firm Savvy Exits Stealth Mode With $30 Million in Funding
On a path to eliminate security incidents involving software-as-a-service (SaaS) applications, Israeli startup Savvy announced today that it has exited stealth mode with $30 million…
ICS Patch Tuesday: Siemens, Schneider Electric Fix 50 Vulnerabilities
Siemens and Schneider Electric on Tuesday released a total of nine new security advisories addressing a total of 50 vulnerabilities affecting their industrial products. Siemens…
Verifying Software Integrity With Sigstore
Software Supply Chain: Part 3 As part of my software supply chain series, I want to move on to the area of code signing and…
Personal Information of 11 Million Patients Stolen in Data Breach at HCA Healthcare
HCA Healthcare on Monday announced that the personal information of roughly 11 million patients was stolen in a data breach. The incident, the healthcare services…
Russia-Linked RomCom Hackers Targeting NATO Summit Guests
As part of a recently identified cyber operation, a Russia-linked threat actor known as RomCom has been targeting entities supporting Ukraine, including guests at the…
Apple Ships Urgent iOS Patch for WebKit Zero-Day
Apple on Monday rolled out an urgent software update to its iOS and iPadOS mobile operating systems and warned that zero-day exploitation has already been…
Exploit Code Published for Remote Root Flaw in VMware Logging Software
Virtualization technology giant VMware on Monday warned that exploit code has been publicly released for a pre-authentication remote code execution flaw in its enterprise-facing VMware…