Cisco Talos found UAT-5918, active since 2023, using web shells and open-source tools for persistence, info theft, and credential harvesting.…
The U.S. Treasury is lifting sanctions on Tornado Cash, a crypto mixer accused of helping North Korea's Lazarus Group launder…
Russian zero-day broker Operation Zero is looking for exploits for the popular messaging app Telegram, offering up to $4 million…
Experts warn of the active exploitation of two recently patched security vulnerabilities affecting Cisco Smart Licensing Utility. Cisco disclosed two…
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Edimax IC-7100 IP Camera, NAKIVO, and SAP NetWeaver AS Java flaws to its…
WhatsApp fixed a zero-click, zero-day vulnerability used to install Paragon's Graphite spyware on the devices of targeted individuals. WhatsApp has…
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiOS/FortiProxy and GitHub Action flaws to its Known Exploited Vulnerabilities catalog. The U.S.…
11 state-sponsored APTs exploit malicious .lnk files for espionage and data theft, with ZDI uncovering 1,000 such files used in…
The GitHub Action tj-actions/changed-files was compromised, enabling attackers to extract secrets from repositories using the CI/CD workflow. Researchers reported that…
Threat actors began exploiting a recently disclosed Apache Tomcat vulnerability immediately after the release of a PoC exploit code. A…
This website uses cookies.