December 3, 2024

Veeam has issued security updates to rectify two vulnerabilities in its Service Provider Console (VSPC), one of which is a critical remote code execution (RCE) bug.

December 3, 2024

In the era of GDPR, users have the right to download all the data that websites store about them.

December 3, 2024

On Monday, Cisco issued an update to an advisory, warning its customers about the ongoing exploitation of a security vulnerability that has been present in its Adaptive Security Appliance (ASA) for a decade.

December 2, 2024

The 'Bootkitty' Linux UEFI bootkit, a recently discovered malware, leverages the LogoFAIL vulnerability, also known as CVE-2023-40238, to target vulnerable firmware on computers.

November 27, 2024

Hackers have found a way to exploit a critical authentication bypass flaw in ProjectSend, an open-source file-sharing web application.

November 27, 2024

A Russian hacker, known as 'Matrix', has built a large-scale distributed denial-of-service (DDoS) botnet by exploiting weakly protected Internet-of-Things (IoT) devices and enterprise servers.

November 26, 2024

A recently discovered set of vulnerabilities, collectively referred to as 'NachoVPN', allows rogue VPN servers to install harmful updates when unpatched VPN clients from Palo Alto and SonicWall connect to them.

November 26, 2024

In early October, the Russian APT group RomCom exploited two zero-day vulnerabilities, one in Mozilla software and the other in Windows, to spread their backdoor to anyone visiting an infected website, requiring no clicks from the victim.

November 26, 2024

The Advanced Persistent Threat (APT) group, Salt Typhoon, also known as Earth Estries, is recognized as one of China's most effective cyber threat actors.

November 26, 2024

The U.S. Cyber Defense Agency has identified active exploitation of a critical remote code execution vulnerability in SSL VPN products, specifically Array Networks AG and vxAG ArrayOS.