Acronis warns of Cyber Infrastructure default password abused in attacks
Acronis warned customers to patch a critical Cyber Infrastructure security flaw that lets attackers bypass authentication on vulnerable servers using default credentials.…
Feds Warn of North Korean Cyberattacks on US Critical Infrastructure
The Andariel group is targeting critical defense, aerospace, nuclear, and engineering companies for data theft, the FBI, NSA, and others…
Progress warns of critical RCE bug in Telerik Report Server
Progress Software has warned customers to patch a critical remote code execution security flaw in the Telerik Report Server that…
CISA warns critical Geoserver GeoTools RCE flaw is exploited in attacks
CISA is warning that a critical GeoServer GeoTools remote code execution flaw tracked as CVE-2024-36401 is being actively exploited in…
CRYSTALRAY hacker expands to 1,500 breached systems using SSH-Snake tool
A new threat actor known as CRYSTALRAY has significantly broadened its targeting scope with new tactics and exploits, now counting…
Microsoft Patch Tuesday, July 2024 Edition
Microsoft Corp. today issued software updates to plug 139 security holes in various flavors of Windows and other Microsoft products.…
‘CloudSorcerer’ Leverages Cloud Services in Cyber-Espionage Campaign
The newly discovered APT's main weapon is a malware tool that can change behavior depending on the process in which…
Latest Intel CPUs impacted by new Indirector side-channel attack
Modern Intel processors, including chips from the Raptor Lake and the Alder Lake generations are susceptible to a new type…
New regreSSHion OpenSSH RCE bug gives root on Linux servers
A new OpenSSH unauthenticated remote code execution (RCE) vulnerability dubbed "regreSSHion" gives root privileges on glibc-based Linux systems. [...]
New attack uses MSC files and Windows XSS flaw to breach networks
A novel command execution technique dubbed 'GrimResource' uses specially crafted MSC (Microsoft Saved Console) and an unpatched Windows XSS flaw to perform…