July 12, 2024

Censys, a cybersecurity company, has issued a warning that a severe vulnerability exists in over 1.5 million instances of Exim mail transfer agent (MTA).

July 11, 2024

The Akira ransomware group, suspected to be Storm-1567 (also known as Punk Spider and Gold Sahara), has demonstrated the ability to exfiltrate data from victims in just over two hours.

July 11, 2024

Crystalray, a newly discovered cyber threat actor, is leveraging a range of open source software (OSS) tools to boost its operations focused on stealing credentials and cryptomining.

July 11, 2024

A security flaw in PHP, known as CVE-2024-4577, is being exploited by various threat actors to spread remote access trojans, cryptocurrency miners, and initiate distributed denial-of-service (DDoS) botnets.

July 11, 2024

VMware, a company specializing in virtualization, has addressed a critical SQL-injection vulnerability in its Aria Automation solution.

July 10, 2024

GitLab has warned of a critical vulnerability in its Community and Enterprise editions, which allows attackers to run pipeline jobs as any other user.

July 10, 2024

CISA and the FBI have issued a joint advisory to software firms, strongly recommending they scrutinize their products and eliminate any OS command injection vulnerabilities before they are released to the market.

July 10, 2024

Microsoft recently addressed a zero-day vulnerability in Windows that had been actively exploited in attacks for a year and a half to execute malicious scripts while bypassing security features.

July 10, 2024

Citrix has launched security patches to fix critical and high-risk problems in its NetScaler product.

July 10, 2024

EstateRansomware, a newly identified ransomware group, has been exploiting a vulnerability in Veeam Backup & Replication software, according to Group-IB, a Singapore-based cybersecurity firm.