February 15, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two Microsoft Windows vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog.

February 14, 2024

Microsoft has updated its security advisory to warn about a critical vulnerability in Exchange Server, identified as CVE-2024-21410.

February 14, 2024

Zoom, a cloud-based video conferencing service used for corporate meetings, educational sessions, and social gatherings, has patched a critical flaw in its Windows applications.

February 14, 2024

A critical security flaw in Microsoft Outlook, which can be exploited by remote unauthenticated attackers, has been discovered.

February 13, 2024

Microsoft has addressed a zero-day vulnerability in its Windows Defender SmartScreen that was being exploited by a threat group, referred to as Water Hydra and DarkCasino, to distribute the DarkMe remote access trojan (RAT).

February 13, 2024

The February 2024 Patch Tuesday from Microsoft addresses a total of 73 vulnerabilities, including two zero-days that are currently being exploited.

February 13, 2024

The Bumblebee malware, first identified in April 2022, is back after a four-month pause.

February 12, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has included a persistent Cross-Site Scripting (XSS) vulnerability in Roundcube Webmail, tracked as CVE-2023-43770, in its Known Exploited Vulnerabilities catalog.

February 12, 2024

Hackers have taken advantage of a server-side request forgery (SSRF) vulnerability in Ivanti's Connect Secure, Policy Secure, and ZTA gateways to deploy a newly identified backdoor, DSLog, on susceptible devices.

February 12, 2024

Arctic Wolf Labs has discovered that the C3RB3R ransomware is being deployed by threat actors exploiting a critical template injection vulnerability (CVE-2023-22527) in Atlassian's Confluence Server and Data Center.