October 22, 2024

VMware has rolled out an additional security patch for the critical vulnerability CVE-2024-38812 in its vCenter Server, after the initial patch released in September 2024 failed to completely rectify the issue.

October 20, 2024

F5 Networks recently rectified a high-severity elevation of privilege vulnerability in its BIG-IP product.

October 18, 2024

New speculative execution attacks have been identified that circumvent existing Spectre mitigations on Intel and AMD CPUs operating on Linux.

October 18, 2024

Microsoft has identified a vulnerability in Apple's Transparency, Consent, and Control (TCC) framework on macOS, which is designed to safeguard user privacy by controlling how applications access sensitive data and system resources.

October 17, 2024

APT34, also known as Earth Simnavaz, OilRig, MuddyWater, Crambus, Europium, Hazel Sandstorm, is a threat group associated with Iran's Ministry of Intelligence and Security (MOIS).

October 16, 2024

Iranian cybercriminals are penetrating critical infrastructure organizations to accumulate credentials and network data, which they subsequently sell on cybercriminal platforms.

October 16, 2024

Google, in collaboration with Mandiant security analysts, has reported a concerning trend in 2023 where 70% of disclosed vulnerabilities that were actively exploited were zero-days.

October 16, 2024

A critical flaw has been identified in Kubernetes, an open-source platform used for automating the deployment, scaling, and operation of application containers.

October 16, 2024

ScarCruft, a North Korean threat actor, has been associated with exploiting a zero-day vulnerability in Windows to infect devices with RokRAT malware.

October 16, 2024

The Sidewinder APT group, known to be sponsored by India, has broadened its attack scope, targeting multiple entities across Asia, Africa, the Middle East, and Europe.