The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
Adobe has released a security advisory to alert users of a vulnerability affecting the following applications:
Cisco has released a security advisory to address a vulnerability affecting CiscoWorks Common Services for Oracle Solaris and Microsoft Windows. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code with administrative privileges or cause a denial-of-service condition.
US-CERT encourages users and administrators to review Cisco security advisory cisco-sa-20101027-cs and apply any necessary updates or workarounds to help mitigate the risks.
Mozilla has released a blog entry indicating that it is aware of a critical vulnerability affecting Firefox 3.5 and Firefox 3.6. This vulnerability may allow an attacker to execute arbitrary code. The blog entry indicates that active exploitation of this vulnerability has been detected.
Update: The Mozilla Foundation has released Firefox 3.6.12 and 3.5.15 to address this vulnerability. Additionally, this vulnerability has been addressed in Thunderbird 3.1.6 and 3.0.10.