March 7, 2024

Hackers have begun to exploit a critical-severity authentication bypass vulnerability, CVE-2024-27198, in TeamCity On-Premises.

March 6, 2024

Threat actors are exploiting misconfigured servers running services such as Apache Hadoop YARN, Docker, Atlassian Confluence, and Redis as part of a new malware campaign.

March 6, 2024

VMware has issued security patches to rectify critical sandbox escape vulnerabilities present in its ESXi, Workstation, Fusion, and Cloud Foundation products.

March 6, 2024

The Cybersecurity and Infrastructure Security Agency (CISA) in the United States has updated its catalog of Known Exploited Vulnerabilities (KEV) to include two significant flaws.

March 5, 2024

VMware, a renowned name in the field of virtualization, has urgently rolled out updates to mitigate critical ESXi sandbox escape vulnerabilities present in its ESXi, Workstation, Fusion, and Cloud Foundation offerings.

March 5, 2024

Apple has released crucial security updates to rectify two iOS zero-day vulnerabilities that have been exploited in attacks on iPhones.

March 5, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has included the CVE-2024-21338 Microsoft Windows Kernel vulnerability in its Known Exploited Vulnerabilities catalog.

March 4, 2024

Critical vulnerabilities have been discovered in the CI/CD pipeline tool, JetBrains TeamCity, which could potentially allow cyber criminals to gain administrative control over servers.

March 4, 2024

A critical vulnerability, identified as CVE-2024-27198, in JetBrains' TeamCity On-Premises CI/CD solution could potentially allow a remote, unauthenticated attacker to gain control of the server with administrative rights.

March 4, 2024

The North Korean Advanced Persistent Threat (APT) group Kimsuky is exploiting vulnerabilities in ScreenConnect, specifically CVE-2024-1708 and CVE-2024-1709, to infect targets with a new malware variant named ToddleShark.