August 28, 2024

A large number of open-source large language model (LLM) builder servers and vector databases are unintentionally exposing sensitive data on the internet.

August 28, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added an Apache OFBiz bug, CVE-2024-38856, to its Known Exploited Vulnerabilities catalog.

August 27, 2024

A critical zero-click vulnerability in Windows TCP/IP, tracked as CVE-2024-38063, has been exposed to the public through a proof-of-concept (PoC) exploit.

August 27, 2024

SafeBreach security researcher Alon Leviev has developed a tool, 'Windows Downdate', that is capable of executing downgrade attacks on up-to-date Windows 10, Windows 11, and Windows Server systems.

August 27, 2024

The Volt Typhoon, a Chinese state-backed hacking group, has been identified as the perpetrator behind the attacks exploiting a zero-day flaw in Versa Director.

August 26, 2024

Google has disclosed that it has fixed the tenth zero-day vulnerability to be exploited in the wild in 2024.

August 26, 2024

Versa Networks has recently addressed a zero-day vulnerability in its Director platform which was being exploited in ongoing attacks.

August 26, 2024

SonicWall has issued a warning about a critical access control flaw in its SonicOS that could potentially grant attackers unauthorized access to resources or cause the firewall to crash.

August 22, 2024

A cyber threat group with connections to China, referred to as Velvet Ant, has been exploiting a recently disclosed security flaw in Cisco switches, identified as CVE-2024-20399, as a zero-day to gain control and dodge detection.

August 22, 2024

SolarWinds, a major provider of IT management products to over 300,000 customers globally, has patched a critical vulnerability in its Web Help Desk (WHD) software.