October 26, 2023

Mirth Connect, a data integration platform developed by NextGen HealthCare, is under threat from a severe remote code execution vulnerability that can be exploited without any form of authentication.

October 26, 2023

The Russian APT28 hacking group, also known as 'Strontium' or 'Fancy Bear', has been actively infiltrating numerous critical networks in France.

October 26, 2023

Cloudflare has reported an unprecedented series of hyper-volumetric HTTP distributed denial-of-service (DDoS) attacks that exploited a recently revealed vulnerability known as HTTP/2 Rapid Reset.

October 25, 2023

Winter Vivern, a Russian hacking group, has been leveraging a zero-day vulnerability in Roundcube Webmail to attack European government entities and think tanks since at least October 11.

October 25, 2023

VMware has rolled out security patches to rectify a critical flaw in its vCenter Server, which if exploited, could enable remote code execution attacks on vulnerable servers.

October 24, 2023

Rockwell Automation has issued a warning to its customers regarding the impact of a currently exploited Cisco IOS XE zero-day vulnerability on its Stratix industrial switches.

October 24, 2023

On Monday, VMware warned its customers about the existence of a proof-of-concept (PoC) exploit code for an authentication bypass flaw in its product, vRealize Log Insight, now renamed as VMware Aria Operations for Logs.

October 24, 2023

Kaspersky's investigation into a sophisticated attack on Apple iOS devices, known as Operation Triangulation, has revealed the use of a malicious implant called TriangleDB.

October 24, 2023

A Proof-of-Concept (PoC) exploit has been made public for a Microsoft Exchange Server vulnerability, identified as CVE-2023-36745, which can enable remote attackers to execute code.

October 23, 2023

Citrix has alerted administrators today to secure all NetScaler ADC and Gateway appliances against ongoing attacks that exploit the CVE-2023-4966 vulnerability.