Patch now, urges CISA
Flaw used to attack NATO summit attendees remains unpatched
Public disclosure 'did not follow normal industry standards', complains Progress Software
Customers urged to ensure email security gateway appliances are up-to-date, halt the use of compromised and refresh all credentials
A Secure Boot bypass flaw was actively exploited by a threat actor to install the BlackLotus UEFI bootkit
Vulnerability already used in Chinese shopping app Pinduoduo
More than one actor used the same zero-day bug to steal user data from the platform
New version to be released 1st November. Organisations should act now to track down OpenSSL 3.0.x in their infrastructure, warns Sonatype
The ninth this year