SonicWall, a popular internet security provider of firewall and VPN products, on late Friday disclosed that it fell victim to a coordinated...
According to Google’s Project Zero team, threat actors exploited 0-day vulnerabilities to successfully carry out their attack. The IT security researchers at...
The attack requires the attacker to have physical access to the victim’s Titan Key, hours of time, and side-channel setup equipment worth...
Zyxel Communications Corp. is a manufacturer of networking devices. It is popular for firewalls that are marketed towards small and medium businesses. Their...
Apparently, Microsoft released a patch to fix the vulnerability in June but it did not work the way it was supposed to...
Google has patched a bug in its feedback tool incorporated across its services that could be exploited by an attacker to potentially...
Google’s Project Zero team has made public details of an improperly patched zero-day security vulnerability in Windows print spooler API that could...
The US Cybersecurity Infrastructure and Security Agency (CISA) has warned of critical vulnerabilities in a low-level TCP/IP software library developed by Treck...
The giant Dell Wyse is affected by two Critical Vulnerabilities CVE-2020-29491 and CVE-2020-29492 which targets thin client devices. The CyberMDX Research team has...
Other than malware delivery; WinZip vulnerability also lets hackers carry out DNS poisoning and arbitrary code execution. Most of us are pretty...
Network monitoring services provider SolarWinds officially released a second hotfix to address a critical vulnerability in its Orion platform that was exploited...
Easy WP SMTP, a WordPress plugin, with more than 500,000 installations, allows one to configure and send all outgoing mails via a...
Cisco has once again fixed four previously disclosed critical bugs in its Jabber video conferencing and messaging app that were inadequately addressed,...
Critical flaws in a core networking library powering Valve’s online gaming functionality could have allowed malicious actors to remotely crash games and...
A zero-click remote code execution (RCE) bug in Microsoft Teams desktop apps could have allowed an adversary to execute arbitrary code by...
The US National Security Agency (NSA) on Monday issued an advisory warning that Russian threat actors are leveraging recently disclosed VMware vulnerability...
Sophos has acknowledged the breach by sending email notifications to targeted customers. With data breaches happening every day, in the latest, we...
The hack occurred when researchers identified significant security flaws in the key fob of Tesla’s top-of-the-line SUV, Tesla Model X, the luxury...
The vulnerability (CVE-2020-27641) allowed malicious actors to bypass two-factor authentication (2FA) on the software using brute-force attacks. In the web hosting world,...
Several high-profile third-party Android apps still aren’t using the latest version of Google’s app update library, jeopardizing hundreds of millions of smartphone...
Juniper Threat Labs researchers observed active attacks on Oracle WebLogic software using CVE-2020-14882. This vulnerability, if successfully exploited, allows unauthenticated remote code...