June 7, 2024

A newly revealed remote code execution (RCE) vulnerability in PHP for Windows, tracked as CVE-2024-4577, could potentially affect a large number of servers globally.

June 6, 2024

The recent surge in exploit activity targeting a zero-day vulnerability in Check Point's VPN technology has underscored the urgency for organizations to address the flaw without delay.

June 5, 2024

RansomHub, a ransomware-as-a-service (RaaS) operation, has been leveraging the ZeroLogon vulnerability (CVE-2020-1472) in recent attacks.

June 5, 2024

Threat actors have exploited a zero-day vulnerability in TikTok's direct messaging feature, leading to the hijacking of several high-profile accounts.

June 4, 2024

Zyxel Networks has issued an urgent security patch to address three critical vulnerabilities in its older NAS devices that are no longer supported.

June 4, 2024

The DarkGate malware-as-a-service operation has shifted its script mechanism from AutoIt to AutoHotkey in its latest cyber attacks.

June 4, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently included a security vulnerability in Oracle WebLogic Server in its Known Exploited Vulnerabilities catalog.

June 3, 2024

Researchers have released a proof-of-concept (PoC) exploit showcasing a combined remote code execution (RCE) vulnerability in Progress Telerik Report Servers.

May 31, 2024

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has recently updated its Known Exploited Vulnerabilities (KEV) catalog with two new vulnerabilities, one of which is a high-severity Linux kernel privilege elevation flaw.

May 30, 2024

Cloudflare has disrupted a month-long phishing campaign in Ukraine, which was orchestrated by a Russia-aligned threat actor known as FlyingYeti.