Sophos discloses critical Firewall remote code execution flaw
Sophos has addressed three vulnerabilities in its Sophos Firewall product that could allow remote unauthenticated threat actors to perform SQL…
Juniper warns of Mirai botnet scanning for Session Smart routers
Juniper Networks has warned customers of Mirai malware attacks scanning the Internet for Session Smart routers using default credentials. [...]
‘Bitter’ cyberspies target defense orgs with new MiyaRAT malware
A cyberespionage threat group known as 'Bitter' was observed targeting defense organizations in Turkey using a novel malware family named…
Clop ransomware claims responsibility for Cleo data theft attacks
The Clop ransomware gang has confirmed to BleepingComputer that they are behind the recent Cleo data-theft attacks, utilizing zero-day exploits…
Cleo MFT Zero-Day Exploits Are About Escalate, Analysts Warn
Defenders running the Cleo managed file transfer are urged to be on the lookout for the Cleopatra backdoor and other…
CISA confirms critical Cleo bug exploitation in ransomware attacks
CISA confirmed today that a critical remote code execution bug in Cleo Harmony, VLTrader, and LexiCom file transfer software is being exploited…
Cleo patches critical zero-day exploited in data theft attacks
Cleo has released security updates for a zero-day flaw in its LexiCom, VLTransfer, and Harmony software, currently exploited in data theft…
Hunk Companion WordPress plugin exploited to install vulnerable plugins
Hackers are exploiting a critical vulnerability in the "Hunk Companion" plugin to install and activate other plugins with exploitable flaws directly…
Chinese Hacker Pwns 81K Sophos Devices With Zero-Day Bug
The US State Department has offered a $10 million reward for Guan Tianfeng, who has been accused of developing and…
Patch Tuesday, December 2024 Edition
Microsoft today released updates to plug at least 70 security holes in Windows and Windows software, including one vulnerability that…