software exploits

Malware & Threats

Issued by: SecurityWeek

As part of its scheduled batch of Patch Tuesday security fixes, Redmond’s security response team flagged the two zero-days — CVE-2023-36761 and CVE-2023-36802 — in the “exploitation detected” category and urged Windows sysadmins to urgently apply available fixes. The most serious of the two bugs is described as a privilege escalation flaw in Microsoft Streaming…

Software Security

Issued by: Security Week

CIA Router Hacking Tool Exposed by WikiLeaks

Documents published by WikiLeaks on Thursday provide details on a tool allegedly used by the U.S. Central Intelligence Agency (CIA) to hack routers and access points. Dubbed CherryBlossom, the tool is described by its developers as a system designed for monitoring a target’s Internet activity and delivering software exploits via wireless networking devices. WikiLeaks said…