The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a recently disclosed critical flaw impacting Atlassian’s Bitbucket Server and Data...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a recently disclosed security flaw in Zoho ManageEngine to its Known...
QNAP Systems, Inc found a new DEADBOLT ransomware attacks that exploits zero-day vulnerability in Photo Station. QNAP urges all QNAP NAS users...
A variant of the Mirai botnet known as MooBot is co-opting vulnerable D-Link devices into an army of denial-of-service bots by taking...
QNAP has issued a new advisory urging users of its network-attached storage (NAS) devices to upgrade to the latest version of Photo...
Iranian state-sponsored actors are leaving no stone unturned to exploit unpatched systems running Log4j to target Israeli entities, indicating the vulnerability’s long...
Zimbra CVE-2022-27824 has been added to the CISA’s “Known Exploited Vulnerabilities” catalog as a new vulnerability. Hackers are actively exploiting it in...
A cyber mercenary that “ostensibly sells general security and information analysis services to commercial customers” used several Windows and Adobe zero-day exploits...
A newly observed phishing campaign is leveraging the recently disclosed Follina security vulnerability to distribute a previously undocumented backdoor on Windows systems....
The Computer Emergency Response Team of Ukraine (CERT-UA) has cautioned of a new set of spear-phishing attacks exploiting the “Follina” flaw in...
Atlassian has warned of a critical unpatched remote code execution vulnerability impacting Confluence Server and Data Center products that it said is...
An advanced persistent threat (APT) actor aligned with Chinese state interests has been observed weaponizing the new zero-day flaw in Microsoft Office...
The contestants who successfully exploited 16 zero-day bugs within 16 different products in the Pwn2Own Vancouver 2022 first day won more than...
The North Korea-backed Lazarus Group has been observed leveraging the Log4Shell vulnerability in VMware Horizon servers to deploy the NukeSped (aka Manuscrypt)...
Several hackers have newly begun exploiting a recently patched critical vulnerability, identified as CVE-2022-30525, which is affecting business firewall and VPN devices...
Image source: z3r00t The U.S. Cybersecurity and Infrastructure Security Agency on Monday added two security flaws, including the recently disclosed remote code...
Cybercriminal groups have been exploiting a critical vulnerability in F5 BIG-IP solutions to erase file systems on affected devices, rendering servers completely...
A Chinese-aligned cyberespionage group has been observed striking the telecommunication sector in Central Asia with versions of malware such as ShadowPad and...
An Iranian-linked threat actor known as Rocket Kitten has been observed actively exploiting a recently patched VMware vulnerability to gain initial access...
A security flaw in the Windows Print Spooler component that was patched by Microsoft in February is being actively exploited in the...
The recently disclosed critical Spring4Shell vulnerability is being actively exploited by threat actors to execute the Mirai botnet malware, particularly in the...