September 20, 2023

A malicious actor has been leveraging GitHub to disseminate a phony proof-of-concept (PoC) exploit for a recently patched vulnerability in the WinRAR software, CVE-2023-40477.

September 19, 2023

Qatar's National Cyber Security Agency has sounded the alarm for users of Adobe products to promptly apply patches due to the revelation of vulnerabilities in Mozilla's Firefox and Thunderbird.

September 19, 2023

GitLab, a widely used web-based open-source software project management and work tracking platform, has issued security updates to address a critical vulnerability.

September 19, 2023

Trend Micro has rectified a zero-day code execution vulnerability, designated as CVE-2023-41179, in its Apex One product.

September 19, 2023

A cyber threat group with links to China, known as Earth Lusca, has been discovered attacking government bodies utilizing a new Linux backdoor named SprySOCKS.

September 18, 2023

A threat actor fluent in Chinese, who has been skimming credit card details from ecommerce sites and point-of-sale service providers in the Asia/Pacific region for over a year, has started targeting similar entities in North and Latin America.

September 18, 2023

Approximately 12,000 Juniper SRX firewalls and EX switches are exposed to an unauthenticated, fileless remote code execution flaw.

September 18, 2023

Fortinet, a major cybersecurity company, has launched patches to fix a severe cross-site scripting (XSS) vulnerability that affects its enterprise-grade firewalls and switches.

September 17, 2023

The Clop ransomware group, also known as Lace Tempest, has reportedly stolen personal data from several major hospitals in North Carolina.

September 15, 2023

Microsoft has uncovered a series of password spray attacks conducted by Iranian nation-state actors, identified as Peach Sandstorm, across thousands of organizations globally from February to July 2023.