Connect with us
VMware has published security updates for the critical remote code execution vulnerability known as Spring4Shell, which impacts several of its cloud computing and virtualization products. A...
Rapid7 announced the release of a report examining the 50 most notable security vulnerabilities and high-impact cyberattacks in 2021. On any given day, security professionals must prioritize...
A Mirai-based distributed denial-of-service (DDoS) botnet tracked as Beastmode (aka B3astmode) has updated its list of exploits to include several new ones, three of them targeting various models...
In this video for Help Net Security, Ax Sharma, Senior Security Researcher at Sonatype, talks about the latest developments regarding Spring4Shell, the unauthenticated RCE zero-day vulnerability in...
A critical vulnerability (CVE-2022-1040) in Sophos Firewall in being exploited in the wild to target “a small set of specific organizations primarily in the South Asia...
The Cybersecurity and Infrastructure Security Agency (CISA) has added a massive set of 66 actively exploited vulnerabilities to its catalog of ‘Known Exploited Vulnerabilities.’ These flaws...
The Muhstik malware gang is now actively targeting and exploiting a Lua sandbox escape vulnerability in Redis after a proof-of-concept exploit was publicly released. The vulnerability...
North Korean state hackers have exploited a zero-day, remote code execution vulnerability in Google Chrome web browser for more than a month before a patch became...
ESET Research discovered a still-ongoing cyberespionage campaign using a previously undocumented Korplug variant by the Mustang Panda APT group. The current campaign exploits the war in Ukraine and...
We don’t know what we don’t know; this is the quintessential problem plaguing security teams and the primary reason that zero-day exploits can cause such damage. They’re a...
Recent Comments