It's not a Patch Tuesday, but Microsoft is rolling out emergency out-of-band security patches for two new vulnerabilities, one of which is a critical Internet Explorer(IE) zero-day that cyber criminals are actively exploiting in the wild.

Unlike previous side-channel vulnerabilities disclosed in Intel CPUs, researchers have discovered a new flaw that can be exploited remotely over the network without requiring an attacker to have physical access or any malware installed on a targeted computer.

Cybersecurity researchers today revealed the existence of a new and previously undetected critical vulnerability in SIM cards that could allow remote attackers to compromise targeted mobile phones and spy on victims just by sending an SMS.

Microsoft today released its monthly Patch Tuesday update for September 2019, patching a total of 79 security vulnerabilities in its software, of which 17 are rated critical, 61 as important, and one moderate in severity.

The vulnerabilities could leave hundreds of thousands of web applications that rely on PHP open to code execution attacks, including websites powered by some popular content management systems like WordPress, Drupal and Typo3.

If you are using any supported version of the Windows operating system, stop everything and install the latest security updates from Microsoft immediately.Windows operating system contains four new critical wormable, remote code execution vulnerabilities in Remote Desktop Services, similar to the recently patched 'BlueKeep' RDP vulnerability.

Earlier this year, researchers disclosed clipboard hijacking and path-traversal issues in Microsoft's Windows built-in RDP client that could allow a malicious RDP server to compromise a client computer, reversely.

The same team of cybersecurity researchers who discovered several severe vulnerabilities, collectively dubbed as Dragonblood, in the newly launched WPA3 WiFi security standard few months ago has now uncovered two more flaws that could allow attackers to hack WiFi passwords

Yesterday, some residents of Johannesburg, the largest city in South Africa, were left without electricity after the city's power company got attacked by a ransomware virus.

Cybersecurity researchers have discovered a new variant of WatchBog, a Linux-based cryptocurrency mining malware botnet, which now also includes a module to scan the Internet for Windows RDP servers vulnerable to the Bluekeep flaw.