Morning Overview on MSN

An Apache HTTP server flaw lets attackers crash — or take over — millions of web servers with a single HTTP/2 request

Somewhere north of 280 million websites still run on Apache HTTP Server, according to W3Techs usage statistics. In late May ...
Morning Overview on MSN

A critical Apache HTTP/2 flaw gives attackers a working proof-of-concept for remote code execution on millions of servers

A vulnerability in Apache HTTP Server’s HTTP/2 protocol handling now has working exploit code circulating among security ...
CSOonline

Apple bumps RCE bug bounties to $2M to counter commercial spyware vendors

In light of new memory safety features added to Apple’s latest iPhone chips that make entire classes of exploits harder to pull off, the company has revamped its bug bounty program to double or ...
Bleeping Computer

New ARM 'TIKTAG' attack impacts Google Chrome, Linux systems

A new speculative execution attack named "TIKTAG" targets ARM's Memory Tagging Extension (MTE) to leak data with over a 95% chance of success, allowing hackers to bypass the security feature. The ...
CSOonline

Rise of zero-day exploits reshape security recommendations

Research from Rapid7 shows a spike in zero-days contributing to quicker exploit timelines, leaving IT security teams under strain with a greater need for post-incident response. With zero-day attacks ...
The Hacker News

Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions

Dirty Frag exposes Linux systems to root escalation through chained kernel flaws, impacting Ubuntu, RHEL, Fedora, and others.