January 21, 2025

A botnet made up of approximately 13,000 commandeered MikroTik routers has been used to distribute malware through spam campaigns.

January 20, 2025

New findings highlight security flaws in several tunneling protocols, which could potentially expose 4.2 million hosts to cyberattacks.

January 17, 2025

A significant amount of dated configuration data and VPN credentials for 15,474 Fortinet devices have been freely posted on the dark web.

January 16, 2025

A severe security vulnerability in the Unified Extensible Firmware Interface (UEFI) systems, which could have allowed attackers to bypass the Secure Boot mechanism, has been patched.

January 16, 2025

Cyber criminals have been identified using a novel approach to deliver malware, hiding malicious code within images.

January 16, 2025

GuidePoint Security's cybersecurity researchers have unearthed a cyberattack that involves a threat actor using a Python-based backdoor to maintain persistent entry to compromised systems, which is then used to deploy the RansomHub ransomware throughout the victim's network.

January 16, 2025

Security updates have been released by Ivanti to fix a number of vulnerabilities affecting Avalanche, Application Control Engine, and Endpoint Manager (EPM).

January 6, 2025

Moxa, a company specializing in industrial networking and communication solutions, has alerted its customers about two significant security vulnerabilities affecting several of its device models.

January 6, 2025

The Eagerbee malware framework is seeing new variants being used against government entities and ISPs in the Middle East.

January 3, 2025

The vulnerability CVE-2024-49113, also known as LDAPNightmare, is a Windows Lightweight Directory Access Protocol (LDAP) Denial of Service flaw that was identified by Yuki Chen.