October 23, 2023

Cisco has remedied two vulnerabilities (CVE-2023-20198 and CVE-2023-20273) that were recently exploited by a threat actor to breach a multitude of IOS XE devices.

October 22, 2023

The number of infected Cisco IOS XE devices has significantly dropped from over 50,000 to a few hundred after hackers updated a malicious backdoor to evade detection.

October 20, 2023

Cisco has made public a new high-severity zero-day vulnerability, CVE-2023-20273, that is currently being exploited to deploy harmful implants on IOS XE devices.

October 20, 2023

Eight new vulnerabilities have been identified in the SolarWinds Access Rights Manager Tool (ARM), three of which are deemed critical.

October 20, 2023

Researchers from LeakIX, using the indicators of compromise (IOCs) released by Cisco Talos, discovered approximately 30,000 Cisco IOS XE devices that have been compromised by exploiting the CVE-2023-20198 vulnerability.

October 18, 2023

Microsoft has reported that North Korean hacking groups Lazarus and Andariel are exploiting a critical flaw, CVE-2023-42793, in TeamCity servers to deploy backdoor malware.

October 18, 2023

Between August 2022 and May 2023, an updated version of the MATA backdoor framework was identified in attacks on oil and gas companies, as well as defense firms in Eastern Europe.

October 18, 2023

Google's Threat Analysis Group (TAG) has discovered that multiple state-sponsored hacking groups are taking advantage of a severe vulnerability in WinRAR, a widely-used compression software, to execute arbitrary code on victims' systems.

October 18, 2023

A critical security flaw identified as CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices has been exploited as a zero-day since late August, according to security researchers.

October 18, 2023

A vulnerability in Synology's DiskStation Manager (DSM), which could be used to decode an administrator's password and remotely take control of the account, has been exposed.