D-Link says it is not fixing four RCE flaws in DIR-846W routers
D-Link is warning that four remote code execution (RCE) flaws impacting all hardware and firmware versions of its DIR-846W router…
Commercial Spyware Vendors Have a Copycat in Top Russian APT
Russia's Midnight Blizzard infected Mongolian government websites to try to compromise the devices of visitors, using watering-hole tactics.
Exploited: CISA Highlights Apache OFBiz Flaw After PoC Emerges
The vulnerability carries nearly the highest score possible on the CVSS scale, at 9.8, impacting a system used by major…
Malware exploits 5-year-old zero-day to infect end-of-life IP cameras
The Corona Mirai-based malware botnet is spreading through a 5-year-old remote code execution (RCE) zero-day in AVTECH IP cameras, which…
Russian APT29 hackers use iOS, Chrome exploits created by spyware vendors
The Russian state-sponsored APT29 hacking group has been observed using the same iOS and Android exploits created by commercial spyware…
US offers $2.5 million reward for hacker linked to Angler Exploit Kit
The U.S. Department of State and the Secret Service have announced a reward of $2,500,000 for information leading to Belarusian…
Attackers Exploit Critical Atlassian Confluence Flaw for Cryptojacking
Novel attack vectors leverage the CVE-2023-22527 RCE flaw discovered in January, which is still under active attack, to turn targeted…
Iranian hackers work with ransomware gangs to extort breached orgs
An Iran-based hacking group known as Pioneer Kitten is breaching defense, education, finance, and healthcare organizations across the United States…
Google increases Chrome bug bounty rewards up to $250,000
Google has more than doubled payouts for Google Chrome security flaws reported through its Vulnerability Reward Program, with the maximum…
Microsoft shares temp fix for Linux boot issues on dual-boot systems
Microsoft shared a workaround for Linux boot issues triggered by August security updates on dual-boot systems with Secure Boot enabled…