Apple creates Private Cloud Compute VM to let researchers find bugs
Apple created a Virtual Research Environment to allow public access to testing the security of its Private Cloud Compute system,…
Lazarus Group Exploits Chrome Zero-Day in Latest Campaign
The North Korean actor is going after cryptocurrency investors worldwide leveraging a genuine-looking game site and AI-generated content and images.
Samsung Zero-Day Vuln Under Active Exploit, Google Warns
If exploited, bad actors can execute arbitrary code while evading detection thanks to a renamed process.
How H-1B visa loopholes are undercutting American wages and jobs
Big Tech is taking advantage of America’s broken immigration system, and Americans are suffering because of it. Last week, a…
RegreSSHion, Critical RCE Vulnerabilities, and When Should You Be Scared?
On July 1st, 2024, the cybersecurity community was rocked by the discovery of a critical Remote Code Execution (RCE) vulnerability…
Critical Mozilla Firefox Zero-Day Allows Code Execution
The bug is already being exploited in the wild, but Firefox has provided patches for those who may be vulnerable.
GitLab warns of critical arbitrary branch pipeline execution flaw
GitLab has released security updates to address multiple flaws in Community Edition (CE) and Enterprise Edition (EE), including a critical…
CISA says critical Fortinet RCE flaw now exploited in attacks
Today, CISA revealed that attackers actively exploit a critical FortiOS remote code execution (RCE) vulnerability in the wild. [...]
CISA Adds High-Severity Ivanti Vulnerability to KEV Catalog
Ivanti reports that the bug is being actively exploited in the wild for select customers.
Critical Ivanti RCE flaw with public exploit now used in attacks
CISA warned today that a critical Ivanti vulnerability that can let threat actors gain remote code execution on vulnerable Endpoint Manager…