CISA orders feds to patch actively exploited Dell flaw within 3 days

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch their systems within three days against a maximum-severity Dell vulnerability that has been under ...

Flaw in Grandstream VoIP phones allows stealthy eavesdropping

A critical vulnerability in Grandstream GXP1600 series VoIP phones allows a remote, unauthenticated attacker to gain root privileges and silently eavesdrop on communications.
The Hacker News

Notepad++ Fixes Hijacked Update Mechanism Used to Deliver Targeted Malware

Notepad++ 8.9.2 fixes update hijack exploited to deliver malware, patches RCE flaw, and hardens WinGUp security.