October 22, 2024

Proof-of-concept exploit code has been made public for a vulnerability in Microsoft's Remote Registry client that could potentially allow an attacker to seize control of a Windows domain by downgrading the security of the authentication process.

October 22, 2024

Google's Threat Analysis Group (TAG) has alerted the public to a zero-day vulnerability in Samsung mobile processors, tracked as CVE-2024-44068.

October 22, 2024

VMware has rolled out an additional security patch for the critical vulnerability CVE-2024-38812 in its vCenter Server, after the initial patch released in September 2024 failed to completely rectify the issue.

October 20, 2024

F5 Networks recently rectified a high-severity elevation of privilege vulnerability in its BIG-IP product.

October 18, 2024

New speculative execution attacks have been identified that circumvent existing Spectre mitigations on Intel and AMD CPUs operating on Linux.

October 18, 2024

Microsoft has identified a vulnerability in Apple's Transparency, Consent, and Control (TCC) framework on macOS, which is designed to safeguard user privacy by controlling how applications access sensitive data and system resources.

October 17, 2024

APT34, also known as Earth Simnavaz, OilRig, MuddyWater, Crambus, Europium, Hazel Sandstorm, is a threat group associated with Iran's Ministry of Intelligence and Security (MOIS).

October 16, 2024

Iranian cybercriminals are penetrating critical infrastructure organizations to accumulate credentials and network data, which they subsequently sell on cybercriminal platforms.

October 16, 2024

Google, in collaboration with Mandiant security analysts, has reported a concerning trend in 2023 where 70% of disclosed vulnerabilities that were actively exploited were zero-days.

October 16, 2024

A critical flaw has been identified in Kubernetes, an open-source platform used for automating the deployment, scaling, and operation of application containers.