LINK Not a vulnerability per se, but an interest to those that want to know that Automatic, the company behind Jetpack pushed out a software update to 5 million sites to fix a security vulnerability that has yet to publicly be disclosed.
LINK Numerous products got some updates. Nothing absolutely critical, but I believe it was worthy of a post.
LINK This is related to the vulnera previously described HERE. Cisco uses it and has called it out as something very much affecting them.
LINK Mozilla updated its Firefox and Firefox ESR products. Time to take a look again.
LINK Fancy Product Designer is a tool that enables businesses to offer customizable products, allowing customers to design any kind of item ranging from T-shirts to phone cases by offering the ability to upload images and PDF files that can be added to the products. It is currently being attacked by a zero-day. Update now.
LINK The firmware of all these vendors is Korenix. They were the weak link and took 1 year to provide updated firmware.
LINK A WYSIWYG HTML Rich text editor for developers and content creators was hit with a vulnerability. Examine if you use it.
LINK CISA put together a bunch of information about Cobalt Strike for you. Suggest taking a look.
LINK SonicWall firewalls are affected by a post auth vulnerability – if you have one, looks to updating.
LINK Examine your Drupal installation and take action if you are investigated.