According to Citrix, there are a total of 5 vulnerabilities affecting on-premise instances of XenMobile servers used in enterprises to manage all apps, devices, or platforms from one central location.

Zoom has addressed several security vulnerabilities, two of which affect its Linux client that could have allowed an attacker to access a compromised system and steal user data.

The root cause behind speculative execution attacks, such as Meltdown and Foreshadow, was misattributed to 'prefetching effect,' resulting in incomplete mitigations and countermeasures by vendors.

A new research has identified four new variants of HTTP request smuggling attacks that work against various commercial off-the-shelf web servers and HTTP proxy servers.

After the issue was reported to Apple through their responsible disclosure program, the iPhone maker addressed the vulnerability in a server-side update.

The Council of the European Union has imposed its first-ever sanctions against persons or entities involved in various cyber-attacks targeting European citizens, and its member states.

According to Claroty researchers, successful exploitation of these vulnerabilities can give an unauthenticated attacker direct access to the ICS devices and potentially cause some physical damage.

Check Point said OkCupid's use of deep links could enable a bad actor to send a custom link defined in the app's manifest file to open a browser window with JavaScript enabled.

Dubbed 'Doki,' the new multi-threaded malware leverages an undocumented method for C2 communications, involving the Dogecoin cryptocurrency blockchain to generate unique C2 domain addresses.

Security experts found that DJI Go 4 Android app not only asks for extensive permissions and collects personal data, but it also uses anti-debug and encryption techniques to thwart security analysis.