Newswires
September 16, 2024
A critical remote code execution (RCE) vulnerability in Ivanti Endpoint Manager, known as CVE-2024-29847, has been exposed to the public through a proof-of-concept (PoC) exploit.
September 15, 2024
The Void Banshee APT group exploited a Windows MSHTML spoofing vulnerability, identified as CVE-2024-43461, for zero-day attacks before it was patched by Microsoft.
September 14, 2024
GitLab has recently addressed a critical flaw in both its Community Edition (CE) and Enterprise Edition (EE), along with 16 other vulnerabilities, by releasing security patches.
September 13, 2024
Ivanti, a major IT management software company, issued a warning last Friday about a severe vulnerability in its Cloud Services Appliance (CSA) solution that is being actively exploited in attacks.
September 12, 2024
GitLab has rolled out critical updates to counteract multiple vulnerabilities, with the most severe one being CVE-2024-6678, which enables an attacker to initiate pipelines as arbitrary users under certain circumstances.
September 12, 2024
Cybercriminals are infecting exposed Selenium Grid servers with the aim of exploiting the victims' Internet bandwidth for cryptomining, proxyjacking, and potentially other malicious activities.
September 11, 2024
A cybersecurity expert is encouraging users to update Adobe Acrobat Reader following the release of a patch for a remote code execution zero-day vulnerability, for which a public proof-of-concept (PoC) exploit exists.
September 11, 2024
The Acronis Threat Research Unit has unveiled a recent wave of cyber-attacks on Taiwanese drone manufacturers, which they've termed 'WordDrone'.
September 10, 2024
Ivanti has successfully patched a critical vulnerability in its Endpoint Management software (EPM), which could have allowed unauthenticated attackers to remotely execute code on the core server.
September 10, 2024
Microsoft has resolved a security flaw in its Windows Smart App Control and SmartScreen that has been exploited as a zero-day since at least 2018.