Critical TeamCity flaw now widely exploited to create admin accounts
Hackers have started to exploit the critical-severity authentication bypass vulnerability (CVE-2024-27198) in TeamCity On-Premises, which JetBrains addressed in an update…
Exploit available for new critical TeamCity auth bypass bug, patch now
A critical vulnerability (CVE-2024-27198) in the TeamCity On-Premises CI/CD solution from JetBrains can let a remote unauthenticated attacker take control…
Windows Kernel bug fixed last month exploited as zero-day since August
Microsoft patched a high-severity Windows Kernel privilege escalation vulnerability in February, six months after being informed that the flaw was…
CISA warns of Microsoft Streaming bug exploited in malware attacks
CISA ordered U.S. Federal Civilian Executive Branch (FCEB) agencies to secure their Windows systems against a high-severity vulnerability in the…
Microsoft pulls Edge update causing ‘Out of Memory’ crashes
Microsoft has pulled the Microsoft Edge 122.0.2365.63 update after users reported receiving "Out of memory" errors when browsing the web…
Citrix, Sophos software impacted by 2024 leap year bugs
Citrix and Sophos products have been impacted by leap year flaws, leading to unexpected problems in their products. [...]
Anycubic 3D printers hacked worldwide to expose security flaw
According to a wave of online reports from Anycubic customers, someone hacked their 3D printers to warn that the devices…
Malicious AI models on Hugging Face backdoor users’ machines
At least 100 instances of malicious AI ML models were found on the Hugging Face platform, some of which can…
LockBit’s Leak Site Reemerges, a Week After ‘Complete Compromise’
Is LockBit dead? Law enforcement and the group itself seem to be telling conflicting stories.
ConnectWise ScreenConnect Mass Exploitation Delivers Ransomware
Hundreds of initial access brokers and cybercrime gangs are jumping on the max-critical CVE-2024-1709 authentication bypass, threatening orgs and downstream…