A use-after-free vulnerability, identified as CVE-2023-5345, has been discovered in the Linux kernel's fs/smb/client component. This vulnerability has the potential for local privilege escalation. Specifically, the vulnerability arises from an error in the smb3_fs_context_parse_param function, leading to the improper handling of the ctx->password field. If exploited, this could result in a double-free condition. The severity of this vulnerability is rated as high (CVSS v3 Base Score: 7.8).
The Hospital for Sick Children, known as SickKids, was impacted by a recent breach at Better Outcomes Registry & Network (BORN) Ontario, a perinatal and child registry. SickKids shares sensitive health information with BORN Ontario related to pregnancy, birth, newborn care, and childhood. The breach was caused by the exploitation of a zero-day vulnerability in Progress MOVEit, a file transfer product, and affected 3.4 million individuals.
CVE-2023-42115, a critical vulnerability rated CVSS 3.1 9.8, affects Exim Internet Mailer, a message transfer agent used on Unix systems connected to the internet. It is described as an AUTH out-of-bounds write remote code execution vulnerability.
A problematic vulnerability, CVE-2023-5313, has been identified in the phpkobo Ajax Poll Script version 3.18. It resides in the file ajax-poll.php within the Poll Handler component and is related to improper enforcement of a single, unique action. The severity is categorized as critical (CVSS v3 Base Score: 9.8). It can be exploited by remote attackers, and an exploit has been publicly disclosed.
Cisco has issued a warning about a zero-day vulnerability, identified as CVE-2023-20109, impacting IOS and IOS XE software. This medium-severity security flaw is associated with the Group Domain of Interpretation (GDOI) and G-IKEv2 protocols used in the GET VPN feature. The vulnerability, discovered by X. B. of the Cisco Advanced Security Initiatives Group (ASIG), can potentially allow attackers to execute arbitrary code or cause system crashes. Although exploitation requires administrative control of a key server or a group member, it is already being targeted in attacks.
Google has identified and addressed a high-severity zero-day vulnerability, tracked as CVE-2023-5217, in the Chrome browser. This vulnerability involves a heap-based buffer overflow in the VP8 compression format within the libvpx video codec library, which is used by Google and the Alliance for Open Media (AOMedia). Clément Lecigne of Google's Threat Analysis Group (TAG) discovered and reported this flaw on September 25, 2023, and it has already been actively exploited by a commercial spyware vendor.
Microsoft has issued a warning regarding a new phishing campaign orchestrated by an initial access broker known as Storm-0324, also referred to as TA543 and Sagrid. This campaign deviates from the norm by utilizing Microsoft Teams messages as the primary vector for infiltrating corporate networks, moving away from traditional email-based infection methods.
The Ragnar Locker ransomware group has claimed responsibility for a cyberattack on Israel's Mayanei Hayeshua hospital, which occurred in early August. The attack disrupted the hospital's record-keeping system, causing a halt in new patient care.
A hacking group known as Earth Estries is conducting an ongoing cyber espionage campaign targeting government and technology sectors in various countries, including the Philippines, Taiwan, Malaysia, South Africa, Germany, and the U.S.