December 5, 2024

A newly identified threat activity cluster, Earth Minotaur, is using the MOONSHINE exploit kit and an unreported Android-Windows backdoor, DarkNimbus, to conduct long-term surveillance operations against Uyghurs and Tibetans.

December 5, 2024

Researchers from watchTowr have found an arbitrary file read zero-day vulnerability in the Mitel MiCollab collaboration platform.

December 4, 2024

The Japanese Computer Emergency Response Team (CERT) has raised the alarm about hackers taking advantage of zero-day vulnerabilities in IO-Data router devices.

December 3, 2024

Veeam has issued security updates to rectify two vulnerabilities in its Service Provider Console (VSPC), one of which is a critical remote code execution (RCE) bug.

December 3, 2024

In the era of GDPR, users have the right to download all the data that websites store about them.

December 3, 2024

On Monday, Cisco issued an update to an advisory, warning its customers about the ongoing exploitation of a security vulnerability that has been present in its Adaptive Security Appliance (ASA) for a decade.

December 2, 2024

The 'Bootkitty' Linux UEFI bootkit, a recently discovered malware, leverages the LogoFAIL vulnerability, also known as CVE-2023-40238, to target vulnerable firmware on computers.

November 27, 2024

Hackers have found a way to exploit a critical authentication bypass flaw in ProjectSend, an open-source file-sharing web application.

November 27, 2024

A Russian hacker, known as 'Matrix', has built a large-scale distributed denial-of-service (DDoS) botnet by exploiting weakly protected Internet-of-Things (IoT) devices and enterprise servers.

November 26, 2024

A recently discovered set of vulnerabilities, collectively referred to as 'NachoVPN', allows rogue VPN servers to install harmful updates when unpatched VPN clients from Palo Alto and SonicWall connect to them.