July 29, 2024

Microsoft has warned that ransomware gangs are actively exploiting a vulnerability in VMware ESXi's authentication system.

July 26, 2024

A significant number of computing systems based on Intel and ARM microprocessors, from multiple vendors, are vulnerable to a secure boot bypass issue dubbed 'PKFail'.

July 26, 2024

Acronis has alerted its customers to a critical security vulnerability in its Cyber Infrastructure that could allow attackers to bypass server authentication using default credentials.

July 26, 2024

The Internet Systems Consortium (ISC) has released updates for BIND, a DNS software suite, to rectify high-severity DoS vulnerabilities.

July 25, 2024

Cybercriminals are exploiting critical Remote Code Execution (RCE) flaws in ServiceNow, a widely used cloud-based platform, to steal credentials.

July 25, 2024

The Andariel group, also known by other names such as Silent Chollima, Onyx Sleet, and Stonefly, is a North Korean cyber-espionage group that is systematically stealing data from organizations in the US and other countries.

July 25, 2024

Progress Software has alerted its customers to a critical remote code execution (RCE) security flaw in the Telerik Report Server.

July 25, 2024

Cybersecurity researchers have discovered a privilege escalation vulnerability in the Google Cloud Platform's Cloud Functions service, which has been named 'ConfusedFunction'.

July 25, 2024

Docker has issued a warning about a critical vulnerability affecting certain versions of Docker Engine, which could allow an attacker to bypass authorization plugins (AuthZ) in certain situations.

July 24, 2024

Docker has implemented security updates to rectify a critical vulnerability that could potentially allow an attacker to bypass authorization plugins under specific circumstances.