WordPress security plugin WP Ghost vulnerable to remote code execution bug
Popular WordPress security plugin WP Ghost is vulnerable to a critical severity flaw that could allow unauthenticated attackers to remotely…
New Windows zero-day exploited by 11 state hacking groups since 2017
At least 11 state-backed hacking groups from North Korea, Iran, Russia, and China have been exploiting a new Windows vulnerability…
Juniper patches bug that let Chinese cyberspies backdoor routers
Juniper Networks has released emergency security updates to patch a Junos OS vulnerability exploited by Chinese hackers to backdoor routers…
Cisco warns of Webex for BroadWorks flaw exposing credentials
Cisco warned customers today of a vulnerability in Webex for BroadWorks that could let unauthenticated attackers access credentials remotely. [...]
CISA tags Windows, Cisco vulnerabilities as actively exploited
CISA has warned US federal agencies to secure their systems against attacks exploiting vulnerabilities in Cisco and Windows systems. [...]
Ransomware gangs exploit Paragon Partition Manager bug in BYOVD attacks
Microsoft had discovered five Paragon Partition Manager BioNTdrv.sys driver flaws, with one used by ransomware gangs in zero-day attacks to gain SYSTEM…
Serbian police used Cellebrite zero-day hack to unlock Android phones
Serbian authorities have reportedly used an Android zero-day exploit chain developed by Cellebrite to unlock the device of a student activist…
New Auto-Color Linux backdoor targets North American govts, universities
A previously undocumented Linux backdoor dubbed 'Auto-Color' was observed in attacks between November and December 2024, targeting universities and government…
Exploits for unpatched Parallels Desktop flaw give root on Macs
Two different exploits for an unpatched Parallels Desktop privilege elevation vulnerability have been publicly disclosed, allowing users to gain root…
Apiiro unveils free scanner to detect malicious code merges
Security researchers at Apiiro have released two free, open-source tools designed to detect and block malicious code before they are…