Vulnerability
Latest about Vulnerability
![Welcome sign at GitHub Universe 2022](https://cdn.mos.cms.futurecdn.net/wmAZfwsXEoS9rvqq6EbyCm-320-80.jpg)
GitHub launches private vulnerability reporting to secure the software supply chain
By Connor Jones published
News The new platform aims to simplify vulnerability disclosure and minimise instances where researchers avoid reporting out of personal convenience
![Binary code](https://cdn.mos.cms.futurecdn.net/ebV9KGC3t4y2ZW2aHZksuQ-320-80.jpg)
OpenSSL 3.0 vulnerability: Patch released for security scare
By Connor Jones published
News The severity has been downgraded from 'critical' to 'high' and comparisons to Heartbleed have been quashed
![Graphic showing a red unlocked padlock surrounded by blue locked padlocks](https://cdn.mos.cms.futurecdn.net/NAaxiR4hmeiyy7eg8eT2A-320-80.jpg)
Major security exploits expected to rise before New Year
By Zach Marzouk published
News Supply chain attacks are also expected to increase, along with affiliate programmes becoming more popular
![Bright blue code appearing on screen to denote hacking](https://cdn.mos.cms.futurecdn.net/KAE3tGXMEcRfgDxLP9qFH4-320-80.jpg)
Second-ever OpenSSL critical vulnerability teased, 10 years after Heartbleed
By Rory Bathgate published
News All OpenSSL versions beyond 3.0 are at risk, with more details due to be released alongside a patch on 1 November
![The Apple logo on a glass storefront in Ireland](https://cdn.mos.cms.futurecdn.net/Lf5tVNMLrtzubvq3F5AhRk-320-80.jpg)
Apple patches actively exploited iPhone, iPad zero-day and 18 other security flaws
By Rory Bathgate published
News The out-of-bounds write error is the eighth actively exploited zero-day impacting Apple hardware this year and could facilitate kernel-level code execution
![Two screens showing computer code with a red box displaying the word 'PowerShell'](https://cdn.mos.cms.futurecdn.net/Pma4CdvF8sC4uQDjrLtjoD-320-80.jpg)
Undetectable PowerShell backdoor discovered hiding as Windows update
By Rory Bathgate published
News SafeBreach researchers identified the backdoor, which they say went undetected on all major antivirus programs
![A hand pressing a phone with the Office 365 logo shown on it, with the Office 365 logo on an orange wall in the background](https://cdn.mos.cms.futurecdn.net/m2M2qEAJmJeCSH7mPuavok-320-80.jpg)
Office 365's encryption feature can be easily hacked, warns WithSecure
By Rory Bathgate published
News Researchers advise enterprises to move away from Office 365 Message Encryption, claiming its messages can be decrypted without a key
![The Fortinet logo on a phone, with blue binary code in the background](https://cdn.mos.cms.futurecdn.net/EbCCK9B4A8MjWT59KzrtnU-320-80.jpg)
Fortinet reiterates call to mitigate against active zero-day, as customers delay fixes
By Rory Bathgate published
News A large number of customers have yet to apply mitigations necessary to avoid the critical vulnerability
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.