December 19, 2024

Fortinet has revealed a significant vulnerability in its Wireless Manager (FortiWLM) that could allow remote attackers to execute unsanctioned code or commands.

December 19, 2024

BeyondTrust, a cybersecurity firm specializing in Privileged Access Management (PAM) and secure remote access solutions, was the target of a cyberattack in early December.

December 17, 2024

A critical vulnerability in Apache Struts 2, identified as CVE-2024-53677, is being actively exploited in order to seek out vulnerable servers.

December 17, 2024

A cyber espionage group known as The Mask APT, also referred to as Careto, has been associated with a new wave of attacks that targeted an unnamed Latin American organization twice, once in 2019 and again in 2022.

December 16, 2024

The FBI has issued a warning about a new wave of HiatusRAT malware attacks that are specifically targeting vulnerable web cameras and DVRs that are exposed online.

December 16, 2024

CISA has alerted U.S. federal agencies of ongoing attacks targeting a critical Windows kernel vulnerability, tracked as CVE-2024-35250.

December 16, 2024

The Serbian government has been accused of exploiting Qualcomm zero-day vulnerabilities to infect Android devices with a new spyware named 'NoviSpy,' which has been used to spy on activists, journalists, and protestors.

December 15, 2024

The Clop ransomware group has publicly confirmed its involvement in recent data-theft attacks on Cleo, a company that develops managed file transfer platforms.

December 13, 2024

The Cleo managed file transfer tool is currently under threat from an active ransomware campaign, which is expected to intensify following the public availability of a proof-of-concept exploit for a zero-day flaw in the software.

December 11, 2024

Russian cyber-espionage group Turla, also known as 'Secret Blizzard', is reportedly using the infrastructure of other threat actors to target Ukrainian military devices linked to Starlink.