The Register on MSN

Frightful Patch Tuesday gives admins a scare with 175+ Microsoft CVEs, 3 under attack

Plus: Adobe, SAP, Ivanti offer treats, not tricks Spooky season is in full swing, and this extends to Microsoft's October ...
The Hacker News

Two CVSS 10.0 Bugs in Red Lion RTUs Could Hand Hackers Full Industrial Control

CVE-2023-42770 - An authentication bypass that arises as a result of the Sixnet RTU software listening to the same port ...

Oracle E-Business Suite exploitation traced back as early as July

Researchers say an extortion campaign linked to the Clop ransomware group used a series of chained vulnerabilities and ...
CSO Online

Apple bumps RCE bug bounties to $2M to counter commercial spyware vendors

We’re doubling our top award to $2 million for exploit chains that can achieve similar goals as sophisticated mercenary ...

Multiple WordPress Vulnerabilities Affect 20,000+ Travel Sites

WordPress vulnerability rated 9.8 enables unauthenticated attackers to launch attacks and obtain sensitive data.

Around 50,000 Cisco firewalls are vulnerable to attack, so patch now

Around 50,000 internet-connected Cisco firewalls are vulnerable to two actively exploited flaws, granting threat actors ...
Bleeping Computer

Max severity RCE flaw discovered in widely used Apache Parquet

A maximum severity remote code execution (RCE) vulnerability has been discovered impacting all versions of Apache Parquet up to and including 1.15.0. The problem stems from the deserialization of ...
Ars Technica

Hundreds of e-commerce sites hacked in supply-chain attack

Hundreds of e-commerce sites, at least one owned by a large multinational company, were backdoored by malware that executes malicious code inside the browsers of visitors, where it can steal payment ...