Microsoft on Tuesday released fixes for a whopping 183 security flaws spanning its products, including three vulnerabilities that have come under active exploitation in the wild, as the tech giant officially ended support for its Windows 10 operating system unless the PCs are enrolled in the Extended Security Updates (ESU) program. Of the 183 vulnerabilities, […]
Author Archives: Onsite Computing, Inc.
Organizations across the continent saw 10% fewer attacks in September, but Africa remains the most attacked region in the world, leading the Global South. Go to Source Author: Robert Lemos, Contributing Writer
Cybersecurity researchers have disclosed two critical security flaws impacting Red Lion Sixnet remote terminal unit (RTU) products that, if successfully exploited, could result in code execution with the highest privileges. The shortcomings, tracked as CVE-2023-40151 and CVE-2023-42770, are both rated 10.0 on the CVSS scoring system. “The vulnerabilities affect Red Lion SixTRAK and VersaTRAK Go […]
Cybersecurity researchers have disclosed that a critical security flaw impacting ICTBroadcast, an autodialer software from ICT Innovations, has come under active exploitation in the wild. The vulnerability, assigned the CVE identifier CVE-2025-2611 (CVSS score: 9.3), relates to improper input validation that can result in unauthenticated remote code execution due to the fact that the call […]
SAP has rolled out security fixes for 13 new security issues, including additional hardening for a maximum-severity bug in SAP NetWeaver AS Java that could result in arbitrary command execution. The vulnerability, tracked as CVE-2025-42944, carries a CVSS score of 10.0. It has been described as a case of insecure deserialization. “Due to a deserialization […]
October 2025’s enormous Patch Tuesday offers plenty of nightmares for admins, including actively exploited zero-days and insidious high-severity privilege-escalation bugs — and it spells curtains for Windows 10 updates. Go to Source Author: Jai Vijayan, Contributing Writer
A threat actor called TigerJack is constantly targeting developers with malicious extensions published on Microsoft’s Visual Code (VSCode) marketplace and OpenVSX registry to steal cryptocurrency and plant backdoors. […] Go to Source Author: Bill Toulas
Chinese APT threat actors compromised an organization’s ArcGIS server, modifying the widely used geospatial mapping software for stealth access. Go to Source Author: Rob Wright
The proof-of-concept exploit allows an attacker to steal sensitive data from Gmail, Google Accounts, Google Authenticator, Google Maps, Signal, and Venmo. Go to Source Author: Alexander Culafi
In what marks the end of an era, Microsoft has released the Windows 10 KB5066791 cumulative update, the final free update for the operating system as it reaches the end of its support lifecycle. […] Go to Source Author: Lawrence Abrams