February 4, 2025

A vulnerability in the 7-Zip file archiver program has been exploited by Russian hackers to bypass the Windows security feature known as Mark of the Web (MotW).

February 3, 2025

In the January 2025 security updates, Google has patched 48 vulnerabilities, among which is a zero-day kernel vulnerability (CVE-2024-53104) that has been exploited in the wild.

February 1, 2025

BeyondTrust, an American access management company, has recently completed an investigation into a cybersecurity incident that targeted its Remote Support Software as a Service (SaaS) instances.

February 1, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Food and Drug Administration (FDA) have raised concerns about certain vulnerabilities in Contec CMS8000 and Epsimed MN-120 patient monitors.

January 30, 2025

Voyager, a renowned open-source PHP package designed to manage Laravel applications, has been found to contain multiple vulnerabilities, according to researchers at SonarSource.

January 30, 2025

Akamai's Security Intelligence and Response Team (SIRT) has identified a new variant of the Mirai-based botnet malware Aquabot, known as Aquabotv3, which is exploiting CVE-2024-41710, a command injection vulnerability in Mitel SIP phones.

January 29, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a flaw in multiple Apple products, tracked as CVE-2025-24085, to its Known Exploited Vulnerabilities (KEV) catalog.

January 29, 2025

The latest variant of the notorious Mirai botnet, known as Aquabot, is actively exploiting a known vulnerability, CVE-2024-41710, in Mitel SIP phones.

January 29, 2025

Cacti, an open-source platform widely used for operational monitoring and fault management, has been found to contain a critical vulnerability.

January 29, 2025

GreyNoise researchers have detected active attempts to exploit a critical zero-day vulnerability, designated as CVE-2024-40891, in Zyxel CPE Series devices.