Mobile and IoT device manufacturers continue to ship products with the Android Debug Bridge feature automatically enabled -- a dangerous default setting that enables potential adversaries to connect to these devices.
Developers & vendors of numerous third-party security, forensics & incident response products for Mac computers have started issuing patches after researchers realised their software wasn't interacting with Apple's code-signing API.
Positive Technologies has elaborated on a critical remote code execution vulnerability its researchers discovered in the web interface of the Cisco Systems Access Control Server (ACS).
Adobe Systems has issued patches for four vulnerabilities in Flash Player, including a zero-day flaw that attackers have been exploiting in the wild in targeted attacks against Windows users in the Middle East, possibly in Qatar.
Cisco Systems has issued 28 security updates that patch vulnerabilities found in a variety of products, including two critical bugs that were assigned a CVSS (Common Vulnerability Scoring System) base score of 9.8.