DNS issues are bad news, and SigRed is among the worst: Microsoft fixes a flaw in Windows DNS Server which has a severity rating of 10 and is believed to be wormable.
Palo Alto Networks has patched a critical flaw in many of its products that support SAML-based authentication for SSO.
Billions of network-connected devices, such as printers, routers, smart TVs, and video game consoles, are open to attack via the CallStranger vulnerability in the Universal Plug and Play (UPnP) protocol.
The Sandworm team, associated with the Russian GRU, is exploiting a flaw in the Exim mail transfer agent, the NSA warned in a new advisory.
The goal for secure software isn’t to never have vulnerabilities, but to be able to find vulnerabilities as soon as possible so that they can be fixed. GitHub has expanded its code scanning capabilities to make it easier for developers to identify flaws in projects that are managed on its platform.