April 25, 2024

The Cybersecurity and Infrastructure Security Agency (CISA) in the U.S. has recently incorporated the Microsoft Windows Print Spooler Privilege Escalation vulnerability, known as CVE-2022-38028, into its Known Exploited Vulnerabilities (KEV) catalog.

April 24, 2024

Cisco has alerted the public to the activities of a state-sponsored hacking group that has been exploiting two zero-day vulnerabilities in its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) firewalls.

April 24, 2024

A serious security flaw has been identified in the CrushFTP server, a cloud-based file transfer system used by multiple organizations.

April 24, 2024

Google has announced an update to Chrome 124 that addresses four vulnerabilities, among which is a critical flaw, tagged as CVE-2024-4058.

April 23, 2024

Microsoft has retracted a patch for a known issue with its Outlook email client that was causing false security warnings when users tried to open ICS calendar files after installing the December Outlook Desktop security updates.

April 23, 2024

Siemens is actively working on a fix for a critical zero-day vulnerability in its Ruggedcom APE1808 devices, which are configured with Palo Alto Networks' (PAN) Virtual NGFW.

April 22, 2024

Microsoft has alerted users that Russian threat group APT28 is exploiting a vulnerability in Windows Print Spooler to gain elevated privileges and steal data.

April 19, 2024

CrushFTP alerted its users today through a confidential memo about a zero-day vulnerability that is currently being exploited.

April 19, 2024

The MITRE Corporation disclosed a security breach that occurred in January 2024, instigated by a state-sponsored hacking group exploiting two Ivanti VPN zero-days.

April 19, 2024

Approximately 22,500 Palo Alto GlobalProtect firewall devices are potentially vulnerable to the CVE-2024-3400 flaw.