Security Affairs
Security Affairs newsletter Round 585 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. CISA adds iCagenda and Balbooa Forms flaws to its Known Exploited Vulnerabilities catalog|Critical U-Boot Bugs Undermine Secure Boot on Millions of Devices|Update Now: Critical Zimbra Classic Web Client Flaw Could Expose Mailboxes|Ransomware Never Stopped: Over 9,000 Confirmed Attacks Since 2018|222 GitHub Repositories Linked to Fake Go Package Malware Operation|Former Ransomware Negotiator Sentenced to 70 Months in Prison for Secretly Helping BlackCat Gang|GigaWiper Merges Three Malware Families Into One Destructive Backdoor|INTERPOL Operation First Light Nets 5,811 Arrests and Seizes $293 Million|GodDamn Ransomware Uses PoisonX to Blind Security Software|AssuranceAmerica Breach Exposes 7 Million Driver’s Licenses After Employee Account Hack|Microsoft fixed Defender flaw RoguePlanet (CVE-2026-50656)|Security Affairs newsletter Round 585 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. CISA adds iCagenda and Balbooa Forms flaws to its Known Exploited Vulnerabilities catalog|Critical U-Boot Bugs Undermine Secure Boot on Millions of Devices|Update Now: Critical Zimbra Classic Web Client Flaw Could Expose Mailboxes|Ransomware Never Stopped: Over 9,000 Confirmed Attacks Since 2018|222 GitHub Repositories Linked to Fake Go Package Malware Operation|Former Ransomware Negotiator Sentenced to 70 Months in Prison for Secretly Helping BlackCat Gang|GigaWiper Merges Three Malware Families Into One Destructive Backdoor|INTERPOL Operation First Light Nets 5,811 Arrests and Seizes $293 Million|GodDamn Ransomware Uses PoisonX to Blind Security Software|AssuranceAmerica Breach Exposes 7 Million Driver’s Licenses After Employee Account Hack|Microsoft fixed Defender flaw RoguePlanet (CVE-2026-50656)|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

OpenSSL Project plans to patch soon High Severity Vulnerabilities

The OpenSSL Project yesterday announced that it plans to release will release on May 3 security patches for several vulnerabilities affecting the popular crypto library. The OpenSSL Project announced this week that it will release security patches for several vulnerabilities affecting the popular crypto library. The OpenSSL Project plans to release the patches on May 3, the list […]

OpenSSL

The OpenSSL Project yesterday announced that it plans to release will release on May 3 security patches for several vulnerabilities affecting the popular crypto library.

The OpenSSL Project announced this week that it will release security patches for several vulnerabilities affecting the popular crypto library.

The OpenSSL Project plans to release the patches on May 3, the list of vulnerabilities that will be fixed includes also High Severity flaws.

The OpenSSL versions 1.0.0 and 0.9.8 are no longer supported, this means that they will not receive any security updates in the future, meanwhile, the support for version 1.0.1 will end on December 31, 2016.

The users have noted that this is the third update for the OpenSSL crypto library issued in this year. Earlier this year the OpenSSL Project released versions 1.0.2f and 1.0.1r to fix a high-severity vulnerability (CVE-2016-0701) that allows attackers to decrypt secure traffic. The developers also patched two separate vulnerabilities in OpenSSL, the most severe affected the implementations of the Diffie-Hellman key exchange algorithm presents only in OpenSSL version 1.0.2.

OpenSSL Project

Another round of security updates released in March fixed vulnerabilities, including the DROWN flaw that could be exploited by attackers to access users’ sensitive data over secure HTTPS communications. In March, security experts estimated that the DROWN vulnerabilities affected a quarter of the top one million HTTPS domains and one-third of all HTTPS websites at the time of disclosure.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – encryption, OpenSSL project)