The Cybersecurity and Infrastructure Security Agency (CISA) has added three more security flaws to its list of bugs exploited in attacks, including a Bitbucket Server RCE and two Microsoft Exchange zero-days.
Read More...
Think "Macs don't get viruses"? Think again!
Read More...
With the help of malicious vSphere Installation Bundles, the attacker could install on the bare-metal hypervisor two backdoors
Read More...
The vulnerability turns out to be so critical that it allows the attacker to do RCE on the compromised system
Read More...
Tracked as CVE-2022-3236, the flaw was found in the User Portal and Webadmin of Sophos Firewall, allowing attackers to perform remote code execution (RCE)
Read More...
Zoho has warned of the public availability of a proof-of-concept (PoC) exploit for the vulnerability
Read More...
Disclosed in 2007 and tagged as CVE-2007-4559, the security issue never received a patch, the only mitigation provided being a documentation update warning developers about the risk.
Read More...
The lure in these phishing emails is a request for bids for lucrative government projects, taking them to phishing pages that are clones of legitimate federal agency portals
Read More...
Because adware doesn't create notable damage to victims' systems, besides eating up some bandwidth, it is usually a threat that is ignored or downplayed by analysts
Read More...
The botnet is now being used to install a Cobalt Strike beacon on infected systems as a second-stage payload
Read More...