mardi 23 janvier 2024 à 10:34
Malicious actors have begun to actively exploit a recently disclosed critical security flaw impacting Atlassian Confluence Data Center and Confluence Server, within three days of public disclosure.
Tracked as CVE-2023-22527 (CVSS score: 10.0), the vulnerability impacts out-of-date versions of the software, allowing unauthenticated attackers to achieve remote code execution on susceptible
mardi 23 janvier 2024 à 02:30
Apple on Monday released security updates for iOS, iPadOS, macOS, tvOS, and Safari web browser to address a zero-day flaw that has come under active exploitation in the wild.
The issue, tracked as CVE-2024-23222, is a type confusion bug in the WebKit browser engine that could be exploited by a threat actor to achieve arbitrary code execution when processing maliciously crafted web content. The