For January, Patch Tuesday starts off with a bang

The latest update from Microsoft deals with 112 flaws, including eight the company rated critical — and three zero-day ...
The Hacker News

Fortinet Fixes Critical FortiSIEM Flaw Allowing Unauthenticated Remote Code Execution

Fortinet has released updates to fix a critical security flaw impacting FortiSIEM that could allow an unauthenticated attacker to achieve code execution on susceptible instances. The operating system ...
The Hacker News

ServiceNow Patches Critical AI Platform Flaw Allowing Unauthenticated User Impersonation

ServiceNow has disclosed details of a now-patched critical security flaw impacting its ServiceNow artificial intelligence (AI) Platform that could enable an unauthenticated user to impersonate another ...
Network World

Holes in Veeam Backup suite allow remote code execution, creation of malicious backup config files

The vendor has issued a patch to close four holes in its flagship Backup & Replication suite; version 13 users are advised to audit their backup config files and closely monitor backup jobs. Veeam ...
InfoWorld

Critical vulnerability in IBM API Connect could allow authentication bypass

Rated 9.8 out of 10 in severity, the flaw could allow a remote attacker to gain unauthorized access to applications. IBM is urging customers to quickly patch a critical vulnerability in its API ...