Google fixes two Android zero-days used in targeted attacks
Google fixed two actively exploited Android zero-day flaws as part of its November security updates, addressing a total of 51…
Okta Fixes Auth Bypass Bug After 3-Month Lull
The bug affected accounts with 52-character user names, and had several pre-conditions that needed to be met in order to…
Microsoft SharePoint RCE bug exploited to breach corporate network
A recently disclosed Microsoft SharePoint remote code execution (RCE) vulnerability tracked as CVE-2024-38094 is being exploited to gain initial access…
The fatal flaw in Kamala Harris’ speech, marred by Biden’s ‘garbage’ comment
While Kamala Harris claims she wants to bring the country together, the backbone of her speech on the Ellipse was…
Recurring Windows Flaw Could Expose User Credentials
Now a zero-day, the vulnerability enables NTLM hash theft, an issue that Microsoft has already fixed twice before.
Massive PSAUX ransomware attack targets 22,000 CyberPanel instances
Over 22,000 CyberPanel instances exposed online to a critical remote code execution (RCE) vulnerability were mass-targeted in a PSAUX ransomware…
QNAP fixes NAS backup software zero-day exploited at Pwn2Own
QNAP has fixed a critical zero-day vulnerability exploited by security researchers on Thursday to hack a TS-464 NAS device during…
Windows ‘Downdate’ Attack Reverts Patched PCs to a Vulnerable State
Windows 11 machines remain open to downgrade attacks, where attackers can abuse the Windows Update process to revive a patched…
Delta Launches $500M Lawsuit Against CrowdStrike
Delta argues that it lost hundreds of million of dollars in downtime and other costs in the aftermath of the…
Fog ransomware targets SonicWall VPNs to breach corporate networks
Fog and Akira ransomware operators have increased their exploitation efforts of CVE-2024-40766, a critical access control flaw that allows unauthorized…