We value your privacy

We use cookies to enhance your browsing experience, serve personalized ads or content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies.

Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

NewApp Digest
search bot

Urgent update

Week in review: Microsoft patches exploited Windows CLFS 0-day, WinRAR MotW bypass flaw fixed
Winsage
April 13, 2025

Week in review: Microsoft patches exploited Windows CLFS 0-day, WinRAR MotW bypass flaw fixed

Microsoft addressed over 120 vulnerabilities during its April 2025 Patch Tuesday, including a critical zero-day vulnerability (CVE-2025-29824) that is actively exploited. WinRAR users are urged to update to version 7.11 due to a vulnerability (CVE-2025-31334) that allows attackers to bypass Windows' Mark of the Web security feature. Chief Information Security Officers (CISOs) are experiencing security platform fatigue due to the proliferation of multiple security tools. President Donald Trump signed an Executive Order revoking security clearances for Chris Krebs and his colleagues at SentinelOne. Cyber crisis simulations are becoming essential for organizational preparedness against evolving cyber threats. Fortinet has released patches for vulnerabilities, including a critical flaw (CVE-2024-48887) in FortiSwitch appliances. WhatsApp users should update their Windows client app to fix a vulnerability (CVE-2025-30401) that could allow harmful code execution. Kevin Serafin, CISO at Ecolab, discussed aligning security initiatives with business objectives. There is a rise in compromised large language model (LLM) attacks and risks associated with AI autonomy. New open-source tools like the YES3 Scanner and APTRS have been developed to enhance security capabilities. The cybersecurity job market remains strong, with increasing demand for skilled professionals.
Update Now As Critical Windows 9.8/10 Vulnerability Confirmed
Winsage
October 12, 2024

Update Now As Critical Windows 9.8/10 Vulnerability Confirmed

A total of 117 security vulnerabilities were resolved in Microsoft's recent Patch Tuesday update, including five critical zero-day vulnerabilities. One significant vulnerability, CVE-2024-43468, has a critical severity rating of 9.8 out of 10 and affects Microsoft’s Configuration Manager, potentially allowing remote code execution. An unauthenticated attacker could exploit this vulnerability by sending specially crafted requests, enabling command execution on the server and database. Addressing CVE-2024-43468 requires specific actions from administrators, including an in-console update and user confirmation, with additional manual processes needed for secondary sites. Detailed mitigation instructions are available in Microsoft Knowledge Base article KB29166583. Security experts advise immediate updates to prevent exploitation, which could lead to lateral movement across networks and deployment of malicious configurations.
Android Auto Users Begging for Emergency Update As Popular App Hits a Black Screen
AppWizard
September 3, 2024

Android Auto Users Begging for Emergency Update As Popular App Hits a Black Screen

Android Auto users are experiencing issues with the Everand app, which has a 4.7-star rating and over 10 million downloads. Since late August, the app has displayed a black screen when accessed through Android Auto, although audiobooks continue to play in the background. This issue is linked to a recent update from Everand, not Google. Users have attempted troubleshooting methods like clearing app cache and deleting data, but these have not resolved the problem. Some users report that a recent update fixed the issue, while others still face the black screen. Currently, users can only control playback through their mobile devices. Google is working on enhancing Android Auto with new features, but no timeline for these updates has been provided.
Search