A zero-day vulnerability affecting Fortra’s GoAnywhere MFT managed file transfer application is being actively exploited in the wild. Details of the flaw...
The Iranian nation-state hacking group known as OilRig has continued to target government organizations in the Middle East as part of a...
Atlassian has released fixes to resolve a critical security flaw in Jira Service Management Server and Data Center that could be abused...
F5 has warned of a high-severity flaw impacting BIG-IP appliances that could lead to denial-of-service (DoS) or arbitrary code execution. The issue...
The State Cyber Protection Centre (SCPC) of Ukraine has called out the Russian state-sponsored threat actor known as Gamaredon for its targeted...
At least 1,200 Redis database servers worldwide have been corralled into a botnet using an “elusive and severe threat” dubbed HeadCrab since...
Cybersecurity researchers have disclosed details of two security flaws in the open source ImageMagick software that could potentially lead to a denial-of-service...
A new attack campaign has been targeting the gaming and gambling sectors since at least September 2022, just as the ICE London...
The Brazilian threat actors behind an advanced and modular point-of-sale (PoS) malware known as Prilex have reared their head once again with...
Two more supply chain security flaws have been disclosed in AMI MegaRAC Baseboard Management Controller (BMC) software, nearly two months after three...
The Russia-affiliated Sandworm used yet another wiper malware strain dubbed NikoWiper as part of an attack that took place in October 2022...
A shellcode-based packer dubbed TrickGate has been successfully operating without attracting notice for over six years, while enabling threat actors to deploy...
Taiwanese company QNAP has released updates to remediate a critical security flaw affecting its network-attached storage (NAS) devices that could lead to...
A new Golang-based information stealer malware dubbed Titan Stealer is being advertised by threat actors through their Telegram channel. “The stealer is...
Researchers are warning about a spike in exploitation attempts weaponizing a now-patched critical remote code execution flaw in Realtek Jungle SDK since...
The threat actors associated with the Gootkit malware have made “notable changes” to their toolset, adding new components and obfuscations to their...
Cybersecurity researchers have uncovered a PlugX sample that employs sneaky methods to infect attached removable USB media devices in order to propagate...
The U.K. National Cyber Security Centre (NCSC) on Thursday warned of spear-phishing attacks mounted by Russian and Iranian state-sponsored actors for information-gathering...
Lexmark products are susceptible to server-side request forgery because to insufficient input validation in the Web Services capability, as tracked by CVE-2023-23560....
Argo CD is a Kubernetes-based declarative GitOps continuous delivery platform. It is built as a Kubernetes controller that constantly monitors running apps...
In what’s a case of hacking the hackers, the darknet infrastructure associated with the Hive ransomware-as-a-service (RaaS) operation has been seized as...