In February, Microsoft addressed a critical Windows Kernel privilege escalation vulnerability, CVE-2024-21338, six months after it was reported as actively [...]
Numerous reports from Anycubic customers online suggest that their 3D printers have been hacked, highlighting a vulnerability. The perpetrator uploaded [...]
14-year-old discontinued CMS editor exploited by threat actors to compromise education and government entities worldwide, poisoning search results with malicious [...]
Security researchers have uncovered a fresh campaign targeting Redis servers on Linux, employing a malware named 'Migo' for cryptocurrency mining. [...]
Microsoft has reportedly fixed Windows Metadata connection issues that persistently trouble users, hindering printer and hardware management. When new hardware [...]
SolarWinds patched five RCE vulnerabilities in Access Rights Manager (ARM), including three critical flaws. These issues, like path traversal weaknesses [...]
Microsoft has cautioned about a critical flaw in Exchange Server, CVE-2024-21410, exploited before this month's Patch Tuesday. This vulnerability enables [...]
CISA warns of an actively exploited vulnerability (CVE-2023-43770) in Roundcube email servers, allowing attackers to access restricted information via malicious [...]
A financially motivated threat actor, utilizing USB devices for initial infection, is exploiting legitimate online platforms such as GitHub, Vimeo, [...]
The elusive threat actor 'Blackwood' is employing the advanced NSPX30 malware in cyberespionage campaigns targeting entities in China, Japan, and [...]
A recently revealed ransomware operation called 'Kasseika' has adopted Bring Your Own Vulnerable Driver (BYOVD) tactics to bypass antivirus software [...]
Security experts have identified that compromised Apple mobile devices may harbor prominent spyware like Pegasus, Reign, and Predator. A thorough [...]
GitLab released critical security updates for both its Community and Enterprise Edition, addressing a severe authentication flaw (CVE-2023-7028) that allows [...]
Three fake Chrome VPN extensions, disguised as legitimate tools, were downloaded 1.5 million times. These malicious extensions, discovered by ReasonLabs, [...]
Microsoft has identified APT33, an Iranian cyber-espionage group also known as Peach Sandstorm, HOLMIUM, or Refined Kitten, employing the recently [...]
Academic researchers unveiled SLAM, a novel side-channel attack exploiting security-enhancing hardware features in upcoming Intel, AMD, and Arm CPUs. SLAM, [...]
LogoFAIL is a set of security vulnerabilities impacting image-parsing components within UEFI code across different vendors. These vulnerabilities pose a [...]
Google released security updates for Chrome, addressing seven issues, including a high-severity zero-day vulnerability (CVE-2023-6345) in the Skia 2D graphics [...]
A newly identified Mirai-based malware botnet named 'InfectedSlurs' is leveraging two zero-day remote code execution (RCE) vulnerabilities to infect routers [...]
The Kinsing malware operator is currently taking advantage of the critical CVE-2023-46604 vulnerability in the Apache ActiveMQ open-source message broker [...]
Another Russian state-sponsored hacking group, APT29, also known as UNC3524, NobleBaron, Dark Halo, NOBELIUM, Cozy Bear, CozyDuke, and SolarStorm, is [...]
Malicious actors exploit Ethereum's 'Create2' function to evade wallet security alerts and compromise cryptocurrency addresses, resulting in a theft of [...]