Foxit Software, the company behind the highly popular Foxit Reader, has published security updates to fix a high severity remote code execution (RCE) vulnerability affecting the PDF reader.

An investigation revealed that certain files were accessed without permission, including first and last names, dates of birth, prescription information, and medical record numbers.

The main issues affecting routers supplied by ISPs such as Virgin, EE, Sky, TalkTalk, and Vodafone were weak default passwords, local network vulnerabilities, and the lack of firmware updates to patch security loopholes.

VMware has patched another critical vulnerability reported by Positive Technologies, a Russian cybersecurity firm that was sanctioned recently by the United States of America.

Russian cyberattacks are being deployed with new techniques - including exploiting vulnerabilities like the recent Microsoft Exchange zero-days - as its hackers continue to target governments, organizations, and energy providers around the world.

Panda Stealer, a new cryptocurrency variant, has been found spreading through a global spam campaign and potentially through Discord channels. It is targeting individuals across U.S., Australia, Japan, and Germany.

A dangerously bad zero-day vulnerability in macOS was being abused by the Shlayer malware to bypass Apple’s Gatekeeper, Notarization, and File Quarantine security checks.

Intel and AMD insist that users of their chips do not need to take any additional security measures as a result of the discovery because existing protections are adequate.

As many as six zero-days have been uncovered in an application called Remote Mouse, allowing a remote attacker to achieve full code execution without any user interaction.

Attackers can use the TsuNAME DNS vulnerability as an amplification vector in large-scale reflection-based distributed denial of service (DDoS) attacks targeting authoritative DNS servers.