June 2, 2023

The US Cybersecurity and Infrastructure Security Agency (CISA) has added a zero-day vulnerability in the Progress MOVEit Transfer file transfer product, tracked as CVE-2023-34362, to its Known Exploited Vulnerabilities Catalog.

June 2, 2023

For the past four years, an unknown advanced persistent threat (APT) actor has been covertly stealing information from iOS devices using a zero-click exploit delivered via iMessage.

June 2, 2023

Splunk recently announced security updates for Splunk Enterprise, which fix several high-severity vulnerabilities, some of which affect third-party packages utilized by the product.

June 1, 2023

Cybersecurity researchers have recently exposed the identity of a person believed to be connected to the cybercrime group known as XE Group.

June 1, 2023

Moxa has recently fixed two serious vulnerabilities in its MXsecurity product, which could have been exploited by malicious hackers targeting operational technology (OT) networks.

May 31, 2023

Hackers are taking advantage of a critical command injection flaw in Zyxel networking devices, identified as CVE-2023-28771, to install malware.

May 31, 2023

A variant of the Mirai botnet, known as IZ1H9, has been discovered exploiting four distinct vulnerabilities in popular Linux-based servers and Internet of Things (IoT) devices.

May 30, 2023

Barracuda, a network and email security firm, has announced that a recently patched zero-day vulnerability had been exploited for a minimum of seven months to backdoor customers' Email Security Gateway (ESG) appliances with custom malware and steal data.

May 30, 2023

Apple has recently fixed a vulnerability, dubbed Migraine and tracked as CVE-2023-32369, that allowed attackers with root privileges to bypass System Integrity Protection (SIP) and install 'undeletable' malware.

May 26, 2023

A newly discovered ransomware operation named Buhti, also referred to as Blacktail by Symantec, has been rapidly expanding since mid-April 2023.