January 29, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a flaw in multiple Apple products, tracked as CVE-2025-24085, to its Known Exploited Vulnerabilities (KEV) catalog.

January 29, 2025

The latest variant of the notorious Mirai botnet, known as Aquabot, is actively exploiting a known vulnerability, CVE-2024-41710, in Mitel SIP phones.

January 29, 2025

Cacti, an open-source platform widely used for operational monitoring and fault management, has been found to contain a critical vulnerability.

January 29, 2025

GreyNoise researchers have detected active attempts to exploit a critical zero-day vulnerability, designated as CVE-2024-40891, in Zyxel CPE Series devices.

January 28, 2025

It is suspected that hackers are exploiting vulnerabilities in the SimpleHelp Remote Monitoring and Management (RMM) software to gain initial access to target networks.

January 28, 2025

Fortinet has addressed a critical zero-day vulnerability that was being actively exploited in its FortiOS and FortiProxy products.

January 27, 2025

Apple has issued security updates to address the first zero-day vulnerability of the year, known as CVE-2025-24085, which has been actively exploited in attacks against iPhone users.

January 27, 2025

RyotaK, a security researcher from GMO Flatt Security Inc, uncovered several vulnerabilities in Git's credential retrieval protocol, which could have allowed threat actors to access user credentials.

January 26, 2025

A critical security flaw, designated as CVE-2024-50050, has been uncovered in Meta's Llama large language model (LLM) framework.

January 26, 2025

Cisco has rolled out security patches to fix a denial-of-service (DoS) vulnerability in ClamAV, identified as CVE-2025-20128.