February 21, 2024

Joomla, a widely-used content management system, has resolved five vulnerabilities that could have been exploited to run arbitrary code on susceptible websites.

February 21, 2024

Technical details and proof-of-concept exploits for two vulnerabilities in ScreenConnect, a remote desktop and access software by ConnectWise, have been made public.

February 20, 2024

VMware has issued a call to administrators today, urging them to remove a discontinued authentication plugin that is exposed to authentication relay and session hijack attacks in Windows domain environments.

February 20, 2024

An international law enforcement operation, named Operation Cronos, has successfully disrupted the activities of the notorious LockBit ransomware group.

February 19, 2024

A critical severity privilege escalation flaw, known as CVE-2024-21410, is currently being exploited, putting as many as 97,000 Microsoft Exchange servers at risk.

February 16, 2024

SolarWinds, a major provider of IT management software, has released patches for five remote code execution (RCE) vulnerabilities found in its Access Rights Manager (ARM) tool.

February 16, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about the Akira ransomware group exploiting a previously patched security flaw in Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software.

February 15, 2024

LMG Security, a leading cybersecurity consulting company, has identified three critical software vulnerabilities posing a substantial threat to hundreds of U.S. organizations.

February 15, 2024

Several Ivanti Connect Secure and Policy Secure endpoints are still susceptible to a host of security vulnerabilities that were initially revealed over a month ago.

February 15, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two Microsoft Windows vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog.