June 4, 2024

Zyxel Networks has issued an urgent security patch to address three critical vulnerabilities in its older NAS devices that are no longer supported.

June 4, 2024

The DarkGate malware-as-a-service operation has shifted its script mechanism from AutoIt to AutoHotkey in its latest cyber attacks.

June 4, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently included a security vulnerability in Oracle WebLogic Server in its Known Exploited Vulnerabilities catalog.

June 3, 2024

Researchers have released a proof-of-concept (PoC) exploit showcasing a combined remote code execution (RCE) vulnerability in Progress Telerik Report Servers.

May 31, 2024

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has recently updated its Known Exploited Vulnerabilities (KEV) catalog with two new vulnerabilities, one of which is a high-severity Linux kernel privilege elevation flaw.

May 30, 2024

Cloudflare has disrupted a month-long phishing campaign in Ukraine, which was orchestrated by a Russia-aligned threat actor known as FlyingYeti.

May 29, 2024

Threat actors have been capitalizing on a high-severity zero-day vulnerability in Check Point's Remote Access VPN since April 30, gaining access to Active Directory data and enabling lateral movement within the networks of the victims.

May 29, 2024

Check Point has launched hotfixes for a VPN zero-day vulnerability that has been exploited in attacks with the goal of remotely accessing firewalls and potentially breaching corporate networks.

May 28, 2024

Security researchers have made public a proof-of-concept (PoC) exploit for a critical vulnerability in Fortinet's SIEM solution.

May 28, 2024

The TP-Link Archer C5400X gaming router has been found to contain a critical remote code execution (RCE) vulnerability, according to researchers at OneKey.