CISA warns of Windows flaw used in infostealer malware attacks
CISA has ordered U.S. federal agencies to secure their systems against a recently patched Windows MSHTML spoofing zero-day bug exploited by the…
Windows vulnerability abused braille “spaces” in zero-day attacks
A recently fixed "Windows MSHTML spoofing vulnerability" tracked under CVE-2024-43461 is now marked as previously exploited after it was used…
Bug Left Some Windows PCs Dangerously Unpatched
Microsoft Corp. today released updates to fix at least 79 security vulnerabilities in its Windows operating systems and related software,…
Zyxel warns of critical OS command injection flaw in routers
Zyxel has released security updates to address a critical vulnerability impacting multiple models of its business routers, potentially allowing unauthenticated…
Commercial Spyware Vendors Have a Copycat in Top Russian APT
Russia's Midnight Blizzard infected Mongolian government websites to try to compromise the devices of visitors, using watering-hole tactics.
Russian APT29 hackers use iOS, Chrome exploits created by spyware vendors
The Russian state-sponsored APT29 hacking group has been observed using the same iOS and Android exploits created by commercial spyware…
New 0-Day Attacks Linked to China’s ‘Volt Typhoon’
Malicious hackers are exploiting a zero-day vulnerability in Versa Director, a software product used by many Internet and IT service…
Versa fixes Director zero-day vulnerability exploited in attacks
Versa Networks has fixed a zero-day vulnerability exploited in the wild that allows attackers to upload malicious files by exploiting an…
Constantly Evolving MoonPeak RAT Linked to North Korean Spying
The malware is a customized variant of the powerful open source XenoRAT information stealing malware often deployed by Kimsuky and…
Pluralsight Releases Courses to Help Cyber Pros Defend Against Volt Typhoon Hacker Group
PRESS RELEASE Pluralsight, the technology workforce development company, today announced the release of its expert-led...