home.social

#updatenow — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #updatenow, aggregated by home.social.

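  1. 🚨 [Security Bulletin] QNAP emergency update!

    On 11/10, QNAP released an important security update, urgently patching
    ⚠️ seven zero-day vulnerabilities
    that were disclosed at the Pwn2Own 2025 security competition.

    The affected scope includes the QTS/QuTS hero operating systems and several key packages; attackers could use these flaws to execute code remotely, launch ransomware attacks or steal data.

    Because QNAP has many users in Taiwan
    🇹🇼, all home, SOHO and small and medium-sized business users are strongly advised to check and update their NAS systems immediately to keep their data safe! 🛡️

    Details and how to update: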
    https://2025.data-recover.com.tw/news/QNAP%E4%BF%AE%E8%A3%9CPwn2Own-2025%E4%B8%83%E9%A0%85%E9%9B%B6%E6%97%A5%E6%BC%8F%E6%B4%9E-%E5%85%A8%E5%8F%B0NAS%E8%AB%8B%E7%AB%8B%E5%8D%B3%E6%9B%B4%E6%96%B0

    #QNAP #NAS #資安 #網路安全 #零日漏洞 #勒索軟體 #台灣 #科技新聞
    #CyberSecurity #InfoSec #TechNews #ZeroDay #Vulnerability #Ransomware #UpdateNow #news #tech
    #サイバーセキュリティ #セキュリティ #脆弱性 #ゼロデイ #ランサムウェア #NAS

  2. Google Chrome is threatened by two critical security vulnerabilities, including one with potentially harmful malicious-code injection via Serviceworker (CVE-2025-10200). Users should update to version 140.0.7339.127+ to avert the danger. More info: heise.de/news/Kritische-Schadc 🚨🔒 #CyberSecurity #GoogleChrome #UpdateNow #newz

  3. 🚨 Critical #WhatsApp security vulnerability discovered! Cybercriminals can inject spyware via a zero-click attack without any user action. iOS and Mac versions before 2.25.21.73/78 are affected. Install the update now! 🔒📱 Details: n-tv.de/technik/Gefaehrliche-S #Cybersecurity #UpdateNow #newz

  4. 🚨 Browser and mail updates alert! Mozilla & Google are patching critical security vulnerabilities in Firefox 141, Thunderbird 141 & Chrome 137 🚀 Users should update quickly to be protected against memory bugs & code exploits. Security first! 🔐🛡️ #Cybersecurity #UpdateNow #Firefox #Chrome #Thunderbird heise.de/news/Chrome-Firefox-T
    #newz

    Windows users can use patchmypc.com/product/home-upd.

  5. Google has released an emergency Chrome update to patch CVE-2025-6558, a high-severity sandbox escape flaw actively exploited in the wild 🚨. The vulnerability affects ANGLE/GPU components and could let attackers break out of Chrome’s security sandbox via a malicious webpage 💻. This impacts all major platforms and Chrome derivatives—update immediately! 🔗 cyberinsider.com/google-patche #Cybersecurity #UpdateNow #Chrome #ZeroDay #newz

  6. Update to WoodpeckerCI v3.8.0! 🚀 Now with pipeline author & avatar env vars, BitbucketDC PR file changes support, fixed GitLab MR fetching & improved docs. Smarter CI/CD with every release! 🔧✨ #WoodpeckerCI #release #CI #DevOps #UpdateNow

  7. 🚨 FBI Warning: TheMoon malware is back — targeting end-of-life routers to install proxies & hide criminal activity.

    🛑 No patches = high risk.

    RELIANOID EE version 6 will reach End of Life this June. Upgrade now to v8+ for:

    ⚡ Fast proxy engine
    🌐 HTTP/2 support
    🔄 Hot restarts
    🛡️ Stronger security

    👉 Stay protected:
    relianoid.com/blog/malware-tar

  8. Cybersecurity Tip #4: Keep Your Software Always Up to Date! 🛠️🔄

    Software updates are not just for adding new features; they are essential for your security! Every time developers find vulnerabilities in systems (such as Windows, Android, apps or browsers), they release updates that fix them.

    If you don't install them promptly, you leave "doors" open to attackers.

    What to do:

    🔹Enable automatic updates
    🔹Check frequently for available updates
    🔹Don't neglect updates for antivirus or firewall

    💡Bonus Tip: Update your "smart" devices too (e.g. cameras, routers, smart TVs)!

    #Cybersecurity #SoftwareUpdates #UpdateNow #Ασφάλεια #ΨηφιακήΠροστασία

  9. 🚨 Security Alert! 🚨 Fortinet has flagged a critical vulnerability that allows attackers to take over devices remotely! 😱 If you're using FortiWLM versions 8.6.0-8.6.5 or 8.5.0-8.5.4, update immediately! 🛡️ This flaw was first discovered in May 2023 and remained unaddressed for months! 🔒 Read more here: techradar.com/pro/security/for #CyberSecurity #Fortinet #Vulnerability #UpdateNow #newz

  10. Apple has rolled out iOS 18.2, fixing a serious encryption flaw in its Passwords app! 🔒 This update addresses a vulnerability that exposed users to potential MITM attacks due to unencrypted HTTP connections. 🚨 Users are urged to update their devices to ensure their passwords remain secure. 🛡️ #Apple #iOS182 #CyberSecurity #UpdateNow #newz
    Read more: cyberinsider.com/apple-fixes-e

  11. "🚨 Critical Vulnerability Alert: ConnectWise ScreenConnect Under Attack! 🚨"

    Sophos researchers have unveiled a situation for users of ConnectWise ScreenConnect, detailing how CVE-2024-1709 and CVE-2024-1708 vulnerabilities are being exploited to deliver malware, including the notorious LockBit ransomware. These vulnerabilities open the door for attackers to execute arbitrary code and take control of unpatched systems.

    ConnectWise ScreenConnect, a remote access software, has vulnerabilities being exploited by hackers to deliver malware, including ransomware, to businesses. Critical vulnerabilities allow unauthorized access and command execution. It's essential to update ScreenConnect to version 23.9.8 or later to mitigate these risks. Cloud-hosted ScreenConnect users are safe, but on-premise versions need manual updates.

    To protect your organization from specific security weaknesses in ScreenConnect software, follow these simplified steps:

    1. Find all ScreenConnect software in your network, including those managed by others. It's essential to know where it's installed to understand your risk.
    2. Isolate or remove the ScreenConnect Client from devices until the server is securely updated or thoroughly checked. If you don't control the server, removing the client might be the best quick fix.
    3. Examine devices with ScreenConnect for signs of hacking, like new unknown user accounts, strange software behavior, and attempts to disable security features.
    4. If you find anything suspicious, start your incident response plan to tackle the issue and prevent further damage. Specifically, look for indicators of two main vulnerabilities (CVE-2024-1709 & CVE-2024-1708) by examining server versions, IP connections, and unexpected file presence, which could show a breach. 🛡️💻🔐

    Tags: #CyberSecurity #ConnectWiseScreenConnect #Vulnerability #Malware #Ransomware #LockBit #CVE2024-1709 #CVE2024-1708 #UpdateNow #StaySecure

    Source: Sophos News

  12. "🚨 Multiple issues in Jenkins, an open-source automation server that is widely used in software development 🐛🔧"

    Jenkins, a popular automation server, has a vulnerability in its command line interface (CLI). This issue stems from the args4j library's feature that replaces an "@" character followed by a file path with the contents of that file. This feature, enabled by default in Jenkins versions up to 2.441 and LTS 2.426.2, allows attackers to read files on the Jenkins controller's file system. Users with "Overall/Read" permission can read entire files, while those without this permission can read the first few lines, depending on the CLI commands available.

    The vulnerability also extends to binary files, including cryptographic keys, albeit with some limitations. Various attack vectors have been identified, exploiting this flaw to achieve remote code execution or other malicious objectives. These include manipulating the "Resource Root URL" functionality, forging "Remember me" cookies, conducting stored cross-site scripting (XSS) attacks through build logs, bypassing CSRF protection, decrypting secrets stored in Jenkins, deleting items, and downloading Java heap dumps. These attacks rely on specific conditions, such as the ability to retrieve binary secrets, access to Jenkins's web session ID, and the attacker's knowledge or guesswork about user names with "Overall/Read" permission.

    🚨💻

    Key vulnerabilities include:

    • CVE-2024-23897: Arbitrary file read vulnerability through the CLI can lead to RCE
    • CVE-2024-23899: Git server Plugin allowing file content exposure that can lead to RCE.
    • CVE-2024-23900: Matrix Project Plugin with user-defined axis names issues.
    • CVE-2024-23901 & CVE-2024-23902: GitLab Branch Source Plugin with risks of crafted Pipeline builds and CSRF vulnerabilities.
    • CVE-2024-23903: Potential for webhook token theft in GitLab Branch Source Plugin.
    • CVE-2023-6147 & CVE-2023-6148: Qualys Policy Compliance Scanning Connector Plugin with XSS and XXE vulnerabilities.

    🔐 Recommended actions:

    • Update Git server Plugin to version 99.101.v720e86326c09 or later.
    • Update GitLab Branch Source Plugin to version 688.v5fa_356ee8520 or later.
    • Update Matrix Project Plugin to version 822.824.v14451b_c0fd42 or later.
    • Update Qualys Policy Compliance Scanning Connector Plugin to version 1.0.6 or later.
    • For detailed mitigation steps, see Jenkins' advisory: Jenkins Security Advisory.

    Stay alert and ensure your Jenkins environment is up-to-date! 🛡️💡

    Sources: Jenkins Security Advisory and Tenable

    Tags: #Jenkins #Vulnerability #CVE2024 #CyberThreat #PluginSecurity #UpdateNow 🚀👨‍💻🛠️

  13. "⚠️ Alert: Google Chrome Zero-Day CVE-2023-7024 Exploited in the Wild! 🌐💥"

    Google's latest patch addresses a critical zero-day vulnerability in Chrome, CVE-2023-7024. Identified as a heap-based buffer overflow in WebRTC, it's exploited in the wild. Chrome versions before 120.0.6099.129 are vulnerable. 🚨

    Details: CVE-2023-7024, discovered by Google TAG, affects several browsers using WebRTC. It's the eighth zero-day patched by Google this year, underscoring the evolving cybersecurity landscape.

    Mitigation: Users should urgently update to Chrome 120.0.6099.129/130 (for Windows) or 120.0.6099.129 (for Mac/Linux) to protect against this and other security fixes included in recent Chrome updates. 🛡️

    Source: Qualys ThreatPROTECT by Diksha Ojha; Chrome Releases Blog

    Tags: #Cybersecurity #GoogleChrome #ZeroDay #CVE2023 #WebRTC #UpdateNow #CyberAttack #InfoSecExchange

  14. New Chrome update available - strongly recommended as it includes yet another security fix (in the Java engine somewhere). I am now running Version 112.0.5615.121 (Official Build) (x86_64)

    to update: click on the three vertical dots in the upper-right corner > Help > About Chrome, and check/update as needed.

    #chrome #google #updateNow
    #17April2023