July 10, 2024

CISA and the FBI have issued a joint advisory to software firms, strongly recommending they scrutinize their products and eliminate any OS command injection vulnerabilities before they are released to the market.

July 10, 2024

Microsoft recently addressed a zero-day vulnerability in Windows that had been actively exploited in attacks for a year and a half to execute malicious scripts while bypassing security features.

July 10, 2024

Citrix has launched security patches to fix critical and high-risk problems in its NetScaler product.

July 10, 2024

EstateRansomware, a newly identified ransomware group, has been exploiting a vulnerability in Veeam Backup & Replication software, according to Group-IB, a Singapore-based cybersecurity firm.

July 10, 2024

A new vulnerability identified as CVE-2024-6409 has been discovered in OpenSSH, the secure networking suite.

July 9, 2024

Microsoft's July security update includes patches for a staggering 139 unique Common Vulnerabilities and Exposures (CVEs), two of which are already being exploited by attackers.

July 9, 2024

A new form of attack, known as Blast-RADIUS, is exploiting a weakness in the widely adopted RADIUS/UDP protocol.

July 9, 2024

Eight global cybersecurity agencies have jointly warned about the rapid adaptability of a China-affiliated cyber espionage group, APT40.

July 8, 2024

The Ghostscript document conversion toolkit, prevalent on many Linux systems, is under attack due to a remote code execution (RCE) vulnerability.

July 8, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) catalog to include a Cisco NX-OS Command Injection Vulnerability, designated as CVE-2024-20399.