November 25, 2024

Zyxel, a network hardware manufacturer, has alerted users about a ransomware gang that has been exploiting a recently patched command injection vulnerability in its firewalls.

November 23, 2024

A malicious campaign has been detected that exploits a legitimate but outdated Avast Anti-Rootkit driver to bypass detection and take control of the targeted system by disabling security components.

November 22, 2024

Russian state hackers, known as APT28, have successfully breached a U.S. company's enterprise WiFi network using a novel 'nearest neighbor attack' technique.

November 22, 2024

The South Asian threat actor Mysterious Elephant, also identified as APT-K-47, has been seen deploying an advanced version of the Asyncshell malware.

November 21, 2024

Hackers have breached thousands of Palo Alto Networks firewalls by exploiting two recently patched zero-day vulnerabilities.

November 21, 2024

Google's artificial intelligence (AI)-fueled fuzzing tool, OSS-Fuzz, has been instrumental in detecting 26 vulnerabilities in multiple open-source code repositories.

November 19, 2024

Apple has urgently released security patches to rectify two zero-day vulnerabilities that have been used in attacks on Intel-based Mac systems.

November 19, 2024

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has included three new vulnerabilities in its Known Exploited Vulnerabilities (KEV) catalog.

November 19, 2024

Oracle has recently remedied an unauthenticated file disclosure vulnerability in its Oracle Agile Product Lifecycle Management (PLM) software, which was being actively exploited in the wild.

November 19, 2024

D-Link, the networking hardware vendor, has alerted its customers about a critical unauthenticated, remote code execution vulnerability affecting certain end-of-life VPN router models.