Synology hurries out patches for zero-days exploited at Pwn2Own
Synology, a Taiwanese network-attached storage (NAS) appliance maker, patched two critical zero-days exploited during last week's Pwn2Own hacking competition within…
Massive PSAUX ransomware attack targets 22,000 CyberPanel instances
Over 22,000 CyberPanel instances exposed online to a critical remote code execution (RCE) vulnerability were mass-targeted in a PSAUX ransomware…
Windows ‘Downdate’ Attack Reverts Patched PCs to a Vulnerable State
Windows 11 machines remain open to downgrade attacks, where attackers can abuse the Windows Update process to revive a patched…
New Windows Driver Signature bypass allows kernel rootkit installs
Attackers can downgrade Windows kernel components to bypass security features such as Driver Signature Enforcement and deploy rootkits on fully…
Apple creates Private Cloud Compute VM to let researchers find bugs
Apple created a Virtual Research Environment to allow public access to testing the security of its Private Cloud Compute system,…
Samsung Zero-Day Vuln Under Active Exploit, Google Warns
If exploited, bad actors can execute arbitrary code while evading detection thanks to a renamed process.
VMware fixes bad patch for critical vCenter Server RCE flaw
VMware has released another security update for CVE-2024-38812, a critical VMware vCenter Server remote code execution vulnerability that was not…
RegreSSHion, Critical RCE Vulnerabilities, and When Should You Be Scared?
On July 1st, 2024, the cybersecurity community was rocked by the discovery of a critical Remote Code Execution (RCE) vulnerability…
Akira and Fog ransomware now exploit critical Veeam RCE flaw
Ransomware gangs now exploit a critical security vulnerability that lets attackers gain remote code execution (RCE) on vulnerable Veeam Backup…
Critical Mozilla Firefox Zero-Day Allows Code Execution
The bug is already being exploited in the wild, but Firefox has provided patches for those who may be vulnerable.