Websites using a vulnerable version of the WordPress plugin, ThemeGrill Demo Importer, are being targeted by attackers.
Researchers are urging users of the GDPR Cookie Consent WordPress plugin to update as soon as possible.
Overall, Adobe patched flaws tied to 42 CVEs as part of its regularly scheduled updates.
The flaw could allow a remote, unauthenticated attacker to enter a password-protected video conference meeting.
CVE-2020-0674 is a critical flaw for most Internet Explorer versions, allowing remote code execution and complete takeover.
Two proof-of-concept exploits were publicly released for the major Microsoft crypto-spoofing vulnerability.
Cisco patched two high-severity flaws this week, in its Webex and IOS XE Software products.
The December security update stomped out critical denial-of-service (DoS) and remote-code-execution (RCE) vulnerabilities in the Android operating system.
Samsung is reportedly rolling out fixes for a glitch that allowed anyone to dupe its Galaxy S10 fingerprint authentication sensor.
The Qode Instagram Widget and Qode Twitter Feed both have bugs that could allow redirects to malicious sites.