CISA urges vendors to patch BrakTooth bugs after exploits release
Researchers have released public exploit code and a proof of concept tool to test Bluetooth devices against System-on-a-Chip (SoC) security…
50% of internet-facing GitLab installations are still affected by a RCE flaw
Researchers warn of a now-fixed critical remote code execution (RCE) vulnerability in GitLab ‘s web interface actively exploited […] The…
Microsoft Exchange ProxyShell exploits used to deploy Babuk ransomware
A new threat actor is hacking Microsoft Exchange servers and breaching corporate networks using the ProxyShell vulnerability to deploy the Babuk…
CISA Issues New Directive for Patching Known Exploited Vulnerabilities
The goal is to reduce civilian federal agency exposure to attacks that threat actors are actively using in campaigns, agency…
Over 30,000 GitLab servers still unpatched against critical bug
A critical unauthenticated, remote code execution GitLab flaw fixed on April 14, 2021, remains exploitable, with over 50% of deployments…
Android November patch fixes actively exploited kernel bug
Google has released the Android November 2021 security updates, which address 18 vulnerabilities in the framework and system components, and…
‘Trojan Source’ Bug Threatens the Security of All Code
Virtually all compilers -- programs that transform human-readable source code into computer-executable machine code -- are vulnerable to an insidious…
All Windows versions impacted by new LPE zero-day vulnerability
A security researcher has disclosed technical details for a Windows zero-day privilege elevation vulnerability and a public proof-of-concept (PoC) exploit that…
Microsoft: Shrootless bug lets hackers install macOS rootkits
Attackers could use a new macOS vulnerability discovered by Microsoft to bypass System Integrity Protection (SIP) and perform arbitrary operations,…
North Korean state hackers start targeting the IT supply chain
North Korean-sponsored Lazarus hacking group has switched focus on new targets and was observed by Kaspersky security researchers expanding its supply…