South Korean hackers exploited WPS Office zero-day to deploy malware
The South Korea-aligned cyberespionage group APT-C-60 has been leveraging a zero-day code execution vulnerability in the Windows version of WPS…
Attackers Exploit Critical Atlassian Confluence Flaw for Cryptojacking
Novel attack vectors leverage the CVE-2023-22527 RCE flaw discovered in January, which is still under active attack, to turn targeted…
SolarWinds fixes hardcoded credentials flaw in Web Help Desk
SolarWinds has released a hotfix for a critical Web Help Desk vulnerability that allows attackers to log into unpatched systems…
Taiwan University Under Fire From Unique DLL Backdoor
It's unclear who the "Msupedge" threat actors were or what the motive for the attack was.
Hackers use PHP exploit to backdoor Windows systems with new malware
Unknown attackers have deployed a newly discovered backdoor dubbed Msupedge on a university's Windows systems in Taiwan, likely by exploiting…
CISA warns critical SolarWinds RCE bug is exploited in attacks
CISA warned on Thursday that attackers are exploiting a recently patched critical vulnerability in SolarWinds' Web Help Desk solution for…
Zero-click Windows TCP/IP RCE impacts all systems with IPv6 enabled, patch now
Microsoft warned customers this Tuesday to patch a critical TCP/IP remote code execution (RCE) vulnerability with an increased likelihood of…
SolarWinds fixes critical RCE bug affecting all Web Help Desk versions
A critical vulnerability in SolarWinds' Web Help Desk solution for customer support could be exploited to achieve remote code execution, the…
Six 0-Days Lead Microsoft’s August 2024 Patch Push
Microsoft today released updates to fix at least 90 security vulnerabilities in Windows and related software, including a whopping six…
Cisco warns of critical RCE zero-days in end of life IP phones
Cisco is warning of multiple critical remote code execution zero-days in the web-based management interface of the end-of-life Small Business…