December 11, 2023

Apple has proactively released emergency security updates to provide patches for two zero-day vulnerabilities that are currently being exploited, affecting older iPhone models, as well as select Apple Watch and Apple TV devices.

December 11, 2023

The Lazarus Group, a North Korea-associated threat actor, has launched a global campaign exploiting Log4j vulnerabilities to deploy new remote access trojans (RATs).

December 8, 2023

The APT28 group, associated with various names such as Fancy Bear, Pawn Storm, Sofacy Group, Sednit, BlueDelta, and STRONTIUM, has been operational since at least 2007.

December 7, 2023

A serious security vulnerability in Bluetooth could enable attackers to seize control of devices operating on Android, Linux, macOS, and iOS.

December 5, 2023

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm about a critical vulnerability in Adobe ColdFusion that hackers are actively exploiting to gain access to government servers.

December 5, 2023

Google has released its December 2023 security updates for Android, which have addressed a total of 85 vulnerabilities.

December 4, 2023

Microsoft's Threat Intelligence team has issued an alert about the Russian state-sponsored actor APT28, also known as Fancybear or Strontium, exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts and steal sensitive information.

December 4, 2023

A deceptive security advisory is being sent to WordPress site administrators, claiming to alert them about a non-existent vulnerability, CVE-2023-45124.

December 4, 2023

Cybersecurity researchers have identified a new variant of the emerging P2PInfect botnet, which has the capability of targeting routers and IoT devices.

December 2, 2023

Over 20,000 Microsoft Exchange email servers across Europe, the U.S., and Asia are at risk of cyber attacks due to running on unsupported software versions that no longer receive any updates.