April 26, 2023

Russian cybercrime group FIN7, also known as Anunak and Carbanak, has been spotted exploiting a Veeam Backup & Replication vulnerability that was patched in March 2023.

April 26, 2023

Apache Superset, an open-source data visualization and data exploration platform, has over 3000 instances exposed to the internet, leaving them vulnerable to remote code execution (RCE) attacks.

April 25, 2023

A new vulnerability in the Service Location Protocol (SLP) allows threat actors to launch massive denial-of-service attacks with an amplification factor of 2,200 times.

April 24, 2023

Attackers are exploiting two severe vulnerabilities (CVE-2023-27350 and CVE-2023-27351) in the widely-used PaperCut MF/NG print management software to install Atera remote management software and take over servers.

April 24, 2023

A critical vulnerability has been discovered in a remote terminal unit (RTU) produced by Slovenia-based industrial automation company Inea, potentially exposing industrial organizations to remote hacker attacks.

April 21, 2023

Cisco has recently issued security updates to address critical vulnerabilities in its Industrial Network Director and Modeling Labs solutions.

April 20, 2023

VMware, a virtualization technology giant, is facing significant security issues in its enterprise-facing log analysis product.

April 20, 2023

Print management solutions provider PaperCut has issued a warning to organizations about the exploitation of a recently patched critical-severity vulnerability in their print management system, PaperCut MF/NG.

April 19, 2023

Fortra has concluded its investigation into the exploitation of CVE-2023-0669, a zero-day vulnerability in the GoAnywhere MFT solution, which the Clop ransomware gang used to steal data from over a hundred companies.

April 19, 2023

Google has released a security update for its Chrome web browser to address the second zero-day vulnerability discovered to be exploited in attacks this year.