Apple ‘Find My’ network can be abused to steal keylogged passwords https://www.bleepingcomputer.com/news/apple/apple-find-my-network-can-be-abused-to-steal-keylogged-passwords
VMware fixes critical code execution flaw in vCenter Server VMware fixes critical code execution flaw in vCenter Server (bleepingcomputer.com)
Cisco Finds Second Zero-Day as Number of Hacked Devices Apparently Drops Cisco Finds Second Zero-Day as Number of Hacked Devices Apparently Drops – SecurityWeek
Over 40,000 admin portal accounts use ‘admin’ as a password Over 40,000 admin portal accounts use ‘admin’ as a password (bleepingcomputer.com)
Signal says there is no evidence rumored zero-day bug is real Signal says there is no evidence rumored zero-day bug is real (bleepingcomputer.com)
Android’s October 2023 Security Updates Patch Two Exploited Vulnerabilities Android’s October 2023 Security Updates Patch Two Exploited Vulnerabilities – SecurityWeek
Millions of Exim mail servers exposed to zero-day RCE attacks Millions of Exim mail servers exposed to zero-day RCE attacks (bleepingcomputer.com)
Kubernetes vulnerability allows RCE on Windows endpoints (CVE-2023-3676) Kubernetes vulnerability allows RCE on Windows endpoints (CVE-2023-3676) – Help Net Security
Thousands of Juniper devices vulnerable to unauthenticated RCE flaw Thousands of Juniper devices vulnerable to unauthenticated RCE flaw (bleepingcomputer.com)
Mozilla patches Firefox, Thunderbird against zero-day exploited in attacks Mozilla patches Firefox, Thunderbird against zero-day exploited in attacks (bleepingcomputer.com)