The LockBit ransomware-as-a-service (RaaS) operation has re-launched its leak site, just one week after a coordinated takedown operation from global law enforcement.On Feb. 19,...
Just days after initial exploitation reports started rolling in for a critical security vulnerability in the ConnectWise ScreenConnect remote desktop management service, researchers are...
Users of the ConnectWise ScreenConnect remote desktop management tool are under active cyberattack, after a proof-of-concept (PoC) exploit surfaced for a max-critical security vulnerability...
The Joomla open source content management system (CMS) is vulnerable to multiple cross-site scripting (XSS) security vulnerabilities that could allow remote code execution (RCE).Sonar's...
Microsoft's scheduled Patch Tuesday security update for February includes fixes for two zero-day security vulnerabilities under active attack, plus 71 other flaws across a...
The Raspberry Robin worm is incorporating one-day exploits almost as soon as they're developed, in order to improve on its privilege escalation capabilities. Researchers from...
Canon has patched seven critical buffer-overflow bugs affecting its small office multifunction printers and laser printers.Tracked as CVE-2023-6229 through CVE-2023-6234 (plus CVE-2024-0244), they affect...
A new variant of an advanced botnet called "FritzFrog" has been spreading via Log4Shell.It's been more than two years since the critical vulnerability in...
Researchers have uncovered a set of four vulnerabilities in container engine components that they dubbed "Leaky Vessels," three of which give attackers a way...
A critical security vulnerability in Cisco Unified Communications and Contact Center Solutions (UC/CC) could allow unauthenticated remote code execution (RCE).The bug (CVE-2024-20253, 9.9 CVSS)...
Threat actors have unleashed a fresh wave of cyberattacks targeting a critical remote code-execution (RCE) vulnerability in Apache ActiveMQ, for which the Apache Software...