CosmicSting flaw impacts 75% of Adobe Commerce, Magento sites
A vulnerability dubbed "CosmicSting" impacting Adobe Commerce and Magento websites remains largely unpatched nine days after the security update has…
Linux version of RansomHub ransomware targets VMware ESXi VMs
The RansomHub ransomware operation is using a Linux encryptor designed specifically to encrypt VMware ESXi environments in corporate attacks. [...]
“Researchers” exploit Kraken exchange bug, steal $3 million in crypto
The Kraken crypto exchange disclosed today that alleged security researchers exploited a zero-day website bug to steal $3 million in…
Microsoft says bug causes Windows 10 apps to display Open With dialogs
Microsoft has confirmed that Windows 10 apps will mistakenly display an "How do you want to open this file?" dialog…
Bug Bounty Programs, Hacking Contests Power China’s Cyber Offense
With the requirement that all vulnerabilities first get reported to the Chinese government, once-private vulnerability research has become a goldmine…
CISA warns of Windows bug exploited in ransomware attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity Windows vulnerability abused in ransomware attacks as a…
Google warns of actively exploited Pixel firmware zero-day
Google has released patches for 50 security vulnerabilities impacting its Pixel devices and warned that one of them had already…
Critical MSMQ RCE Bug Opens Microsoft Servers to Complete Takeover
CVE-2024-30080 is the only critical issue in Microsoft's June 2024 Patch Tuesday update, but many others require prompt attention as…
Patch Tuesday, June 2024 “Recall” Edition
Microsoft today released updates to fix more than 50 security vulnerabilities in Windows and related software, a relatively light Patch…
New Windows Server KB5039227 and KB5039217 updates fix LSASS crashes
Microsoft has released the Windows Server 2022 KB5039227 and Windows Server 2019 KB5039217 cumulative updates with security fixes and fixes for a variety…