Surprisingly, Windows is not included in Patch Bonanza
If you are running iOS 16, macOS 13 Ventura, iPadOS 16.5.1, macOS 13.4.1, watchOS 9.5.2, we recommend applying the patch. There are two vulnerable zero-days, which is pretty annoying. One is a kernel-level flaw that can be exploited to execute arbitrary code with kernel privileges. Another is a bug in WebKit that executes code if you visit a malicious website. Both are exploited by the time you read this, so start updating now.
Linux and Linux-based IoT devices have been hijacked as part of a massive new campaign, so Linux users needn’t laugh right now. If an attacker somehow gains access to the device, it can insert her trojanized OpenSSH package and hide all her SSH credentials while hiding herself under another of her SSH credentials. Willing to steal No solution is available at this time, but Bleeping Computer has a detailed description of the attack that may help determine if you are a victim.
Last but not least, the new version of the Mirai botnet targets D-Link, Arris, Zyxel, TP-Link, Tenda, Netgear, and MediaTek devices. The botnet has 22 flaws and targets not only routers, but also vulnerable digital and network video recorders, WiFi communication dongles, temperature monitoring systems, access control systems, and even solar power monitors. . A list of vulnerabilities along with suggested mitigations is available on Bleeping Computer.
