In mid-January, security researchers identified a significant campaign distributing the malicious software DarkGate, exploiting a recently patched Microsoft Windows security vulnerability in a zero-day fashion, that is, before its correction. According to Trend Micro,...
A new threat, codenamed GhostRace (CVE-2024-2193), has been identified by research teams from the Vrije Universiteit Amsterdam and IBM Research Europe. This vulnerability compromises the foundational security tools of operating systems and may result...
The team behind GrapheneOS, which is dedicated to developing a secure iteration of the Android Open Source Project (AOSP), identified a flaw within the Bluetooth stack of Android 14 that could lead to remote...
Intel has updated the microcode for its processors to address five security vulnerabilities and has also integrated new code into the Linux kernel to mitigate the effects of a new vulnerability (CVE-2023-28746) related to...
Over the last three weeks, more than 3,900 WordPress sites have been targeted in a new malicious campaign aimed at exploiting a vulnerability in the Popup Builder plugin to inject harmful JavaScript content into...
In the realm of cybersecurity, a critical vulnerability has been discovered affecting Progress Software products, specifically the OpenEdge Authentication Gateway and AdminServer. This flaw poses a significant threat to authentication mechanisms, potentially allowing malefactors...
A new study by the University of Chicago has uncovered a vulnerability within the Meta Quest VR system that allows malefactors to hijack user devices, pilfer confidential information, and manipulate social interactions using generative...
Moxa expressed its gratitude to the experts at Positive Technologies for identifying a dangerous vulnerability in the NPort series of wireless industrial converters. Classified as CVE-2024-1220, this vulnerability was rated as high risk with...
The group known as Magnet Goblin has been actively exploiting vulnerabilities in publicly accessible servers to deploy malware on Windows and Linux systems. This group focuses on exploiting 1-day vulnerabilities—security flaws that have been...
A critical vulnerability in Fortinet’s security systems has impacted approximately 150,000 devices worldwide. The vulnerability, CVE-2024-21762 (CVSS score: 9.8), is characterized as an out-of-bounds write issue in FortiOS, enabling an unauthenticated attacker to execute...
ThreatMon, a cyber threat analysis platform, has reported the emergence of an advertisement on a notorious hacker forum offering a Zero Day exploit for WordPress for sale. The vendor claims that this exploit, implemented...
Apple has issued critical security updates to address two zero-day vulnerabilities in iOS, which have been exploited in real-world attacks against iPhone users. The company disclosed this information on March 5th in a separate...
