St. Jude Medical patched the Merlin@home Transmitter, addressing flaws made public last year in a controversial disclosure by MedSec Holdings and Muddy Waters.

A host of web-based vulnerabilities in Orsam Lightify smart lighting products remain unpatched, despite private notification to the vendor in late May and CVEs assigned to the issues in June by CERT/CC. Researchers at Rapid7 today publicly disclosed some of the details on each of the nine vulnerabilities with temporary mitigation advice users can deploy...