Microsoft Just Patched a Major Security Vulnerability for This Popular Windows App

Users could be tricked into running arbitrary code, but the issue was patched last week.
The Hacker News

Notepad++ Fixes Hijacked Update Mechanism Used to Deliver Targeted Malware

Notepad++ 8.9.2 fixes update hijack exploited to deliver malware, patches RCE flaw, and hardens WinGUp security.

Mozilla Issues Firefox System Takeover Security Update

Security issue impacts Firefox web browser and Thunderbird email client, potentially enabling attackers to execute arbitrary ...

Chrome Vulnerabilities Allow Code Execution, Browser Crashes

Google released a Chrome security update fixing two high-severity flaws that could enable code execution or crashes via malicious websites.

10K Claude Desktop Users Exposed by Zero-Click Vulnerability

A zero-click flaw in Anthropic’s Claude Desktop Extensions allows attackers to trigger remote code execution via Google ...
SecurityWeek

Fortinet Patches High-Severity Vulnerabilities

Fortinet has fixed nine vulnerabilities, including high-severity command execution and authentication bypass flaws.
Dark Reading

What You Need to Know About Arbitrary Code Execution Vulnerabilities

They're serious. Notices about arbitrary code execution (ACE) vulnerabilities appear just about every week in alerts from US-CERT — the United States Computer Emergency Readiness Team, a part of the ...
CPO Magazine

Apple Patches Ancient Zero-Day Vulnerability Present in iOS for Nearly Two Decades

A zero-day vulnerability that has been with iOS since the first iPhone launched has been identified and patched out by Apple, ...
Dark Reading

Stealth Bomber: Atlassian Confluence Exploits Drop Web Shells In-Memory

Fresh proof-of-concept (PoC) exploits are circulating in the wild for a widely targeted Atlassian Confluence Data Center and Confluence Server flaw. The new attack vectors could enable a malicious ...