Newswires
April 29, 2024
A newly identified security vulnerability in the R programming language could be exploited to execute code when a malicious RDS file is loaded and referenced.
April 29, 2024
Multiple vulnerabilities have been identified in Brocade's SANnav storage area network (SAN) management application, posing a potential threat to affected devices.
April 28, 2024
Deep Instinct Threat Lab has detected a targeted cyber operation against Ukraine that exploits a nearly seven-year-old vulnerability in Microsoft Office.
April 25, 2024
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) catalog to include significant flaws in Cisco's Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) firewalls, and CrushFTP's Virtual File System (VFS).
April 25, 2024
The Lazarus Group, a North Korean threat actor, has been discovered using a new remote access trojan (RAT) named Kaolin RAT.
April 25, 2024
Over 1,400 CrushFTP servers that are accessible online have been identified as being susceptible to a critical server-side template injection (SSTI) vulnerability, which is currently under active exploitation.
April 25, 2024
The Cybersecurity and Infrastructure Security Agency (CISA) in the U.S. has recently incorporated the Microsoft Windows Print Spooler Privilege Escalation vulnerability, known as CVE-2022-38028, into its Known Exploited Vulnerabilities (KEV) catalog.
April 24, 2024
Cisco has alerted the public to the activities of a state-sponsored hacking group that has been exploiting two zero-day vulnerabilities in its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) firewalls.
April 24, 2024
A serious security flaw has been identified in the CrushFTP server, a cloud-based file transfer system used by multiple organizations.
April 24, 2024
Google has announced an update to Chrome 124 that addresses four vulnerabilities, among which is a critical flaw, tagged as CVE-2024-4058.