UK domain registry Nominet confirms breach via Ivanti zero-day
Nominet, the official .UK domain registry and one of the largest country code registries, has confirmed that its network was…
China’s UNC5337 Exploits a Critical Ivanti RCE Bug, Again
New year, same story. Despite Ivanti's commitment to secure-by-design principles, Chinese threat actors are exploiting its edge devices for the…
Threat Actors Exploit a Critical Ivanti RCE Bug, Again
New year, same story. Despite Ivanti's commitment to secure-by-design principles, threat actors — possibly the same ones as before —…
Protect SAP Supply Chains by Preventing Cyber Attacks
Highly advanced and extremely dangerous cyberattacks are targeting SAP (from the company originally called “System Analysis Program” Development) software supply…
Ivanti warns of maximum severity CSA auth bypass vulnerability
Ivanti warned customers on Tuesday about a new maximum-severity authentication bypass vulnerability in its Cloud Services Appliance (CSA) solution. [...]
Critical RCE bug in VMware vCenter Server now exploited in attacks
Broadcom warned today that attackers are now exploiting two VMware vCenter Server vulnerabilities, one of which is a critical remote…
Palo Alto Networks warns of potential PAN-OS RCE vulnerability
Palo Alto Networks warned customers to restrict access to their next-generation firewalls because of a potential remote code execution vulnerability…
QNAP fixes NAS backup software zero-day exploited at Pwn2Own
QNAP has fixed a critical zero-day vulnerability exploited by security researchers on Thursday to hack a TS-464 NAS device during…
VMware fixes bad patch for critical vCenter Server RCE flaw
VMware has released another security update for CVE-2024-38812, a critical VMware vCenter Server remote code execution vulnerability that was not…
Qualcomm patches high-severity zero-day exploited in attacks
Qualcomm has released security patches for a zero-day vulnerability in the Digital Signal Processor (DSP) service that impacts dozens of…