Apple Zero-day Vulnerabilities (CVE-2021-30661, CVE-2021-30663, CVE-2021-30665, and CVE-2021-30666)

Apple has released a security update affecting its iOS, iPadOS, macOS, tvOS and watchOS products. The update addressed three zero-day vulnerabilities found in WebKit, a browser engine used by Safari and other third-party web browsers in iOS, that are reported to be exploited in the wild. In addition, another zero-day vulnerability was addressed on an continue reading : Apple Zero-day Vulnerabilities (CVE-2021-30661, CVE-2021-30663, CVE-2021-30665, and CVE-2021-30666)

PasswordState, Password Manager Tool Compromised

Click Studios, a software development company that offers active and effective solutions for companies, has suffered a security breach between 20th and 22nd of April targeting users of the company’s password manager, PasswordState. PasswordState is a password management solution that provides customers with role-based administration, end-to-end event auditing, 256bit AES data encryption, code obfuscation and continue reading : PasswordState, Password Manager Tool Compromised

SonicWall Zero-Day Vulnerabilities (CVE-2021-20021, CVE-2021-20022, CVE-2021-20023)

SonicWall has released an update for their hosted and on-premises email security products. The update addresses three zero-day vulnerabilities that are being actively exploited in the wild. Exploiting the flaws could allow attackers to gain administrative access to the vulnerable devices, access files and emails, install backdoor malwares, and move laterally to the victim organization’s continue reading : SonicWall Zero-Day Vulnerabilities (CVE-2021-20021, CVE-2021-20022, CVE-2021-20023)