Atlassian fixes Confluence zero-day widely exploited in attacks
Atlassian has released security updates to address a critical zero-day vulnerability in Confluence Server and Data Center actively exploited in the…
Actively Exploited Atlassian Zero-Day Bug Allows Full System Takeover
An remote code execution (RCE) vulnerability in all versions of the popular Confluence collaboration platform can be abused in credential…
Critical Atlassian Confluence zero-day actively used in attacks
Hackers are actively exploiting a new Atlassian Confluence zero-day vulnerability tracked as CVE-2022-26134 to install web shells, with no fix…
Non-human Resources
How to close the weakest link in your cyber defenses By Camellia Chan, CEO, and Founder of X-PHY […] The…
Microsoft blocks Polonium hackers from using OneDrive in attacks
Microsoft said it blocked a Lebanon-based hacking group it tracks as Polonium from using the OneDrive cloud storage platform for data exfiltration and command…
Conti ransomware targeted Intel firmware for stealthy attacks
Researchers analyzing the leaked chats of the notorious Conti ransomware operation have discovered that teams inside the Russian cybercrime group…
New Windows Search zero-day added to Microsoft protocol nightmare
A new Windows Search zero-day vulnerability can be used to automatically open a search window containing remotely-hosted malware executables simply by…
Windows MSDT zero-day now exploited by Chinese APT hackers
Chinese-linked threat actors are now actively exploiting a Microsoft Office zero-day vulnerability (known as 'Follina') to execute malicious code remotely…
New Microsoft Zero-Day Attack Underway
"Follina" vulnerability in Microsoft Support Diagnostic Tool (MSDT) affects all currently supported Windows versions and can be triggered via specially…
Costa Rica May Be Pawn in Conti Ransomware Group’s Bid to Rebrand, Evade Sanctions
Costa Rica’s national health service was hacked sometime earlier this morning by a Russian ransomware group known as Hive. The…