Exploits

Voice phishing, also known as vishing, represents a growing threat to organizations worldwide. Keepnet’s 2024 Vishing Response Report illuminates the…

In 2024, the Taiwanese government saw the daily average of attempted attacks by China double to 2.4 million, with a…

A deceptive proof-of-concept (PoC) exploit for CVE-2024-49113 (aka "LDAPNightmare") on GitHub infects users with infostealer malware that exfiltrates sensitive data…

New year, same story. Despite Ivanti's commitment to secure-by-design principles, Chinese threat actors are exploiting its edge devices for the…

New year, same story. Despite Ivanti's commitment to secure-by-design principles, threat actors — possibly the same ones as before —…

Threat actors are employing a new tactic called "transaction simulation spoofing" to steal crypto, with one attack successfully stealing 143.45 Ethereum,…

Premium WordPress plugin Fancy Product Designer from Radykal is vulnerable to two critical severity flaws that remain unfixed in the…

A relatively new Mirai-based botnet has been growing in sophistication and is now leveraging zero-day exploits for security flaws in…

A now-fixed vulnerability in the open-source vulnerability scanner Nuclei could potentially allow attackers to bypass signature verification while sneaking malicious…

A new variation of clickjacking attacks called "DoubleClickjacking" lets attackers trick users into authorizing sensitive actions using double-clicks while bypassing…