Security researchers have revealed new details about how attackers are exploiting two flaws in the PaperCut enterprise print management system — used by more...
As recently as 2021, the notorious Russian APT28 was exploiting network routers running outdated versions of Cisco's IOS and IOS XE operating system software,...
Security researchers are sounding the alarm on what may well be another major SolarWinds or Kaseya-like supply chain attack, this time involving Windows and...
A high-severity authentication bypass vulnerability in a widely used open source Java framework is under active exploit by threat actors, who are using the...
Last week, the Cybersecurity and Infrastructure Security Agency (CISA) added three new entries to its Known Exploited Vulnerabilities catalog. Among them was CVE-2023-0669, a...
An unknown threat actor has been quietly mining Monero cryptocurrency on open source Redis servers around the world for years, using a custom-made malware...
Three security vulnerabilities affecting VMware's vRealize Log Insight platform now have public exploit code circulating, offering a map for cybercriminals to follow to weaponize...
A recent incident where a bored hacker found a list of 1.5 million individuals on TSA's no-fly list sitting unprotected on an Internet-exposed server...
Account takeover attacks are like the widely told campfire story about a babysitter that receives a series of threatening phone calls that are traced...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) last week released an advisory to inform organizations about potentially serious vulnerabilities affecting ipDIO telecontrol communication devices that are no longer supported by the vendor.
Researchers discovered that the Control Web Panel (CWP) web hosting panel is affected by two serious vulnerabilities that can allow attackers to remotely hack servers, and it’s possible that they may have already been exploited in the wild.