Google paid $12 million in bug bounties to security researchers
Google last year paid its highest bug bounty ever through the Vulnerability Reward Program for a critical exploit chain report…
Hackers now exploit critical Fortinet bug to backdoor servers
Threat actors are targeting Internet-exposed Fortinet appliances with exploits targeting CVE-2022-39952, an unauthenticated file path manipulation vulnerability in the FortiNAC webserver that…
Exploit released for critical Fortinet RCE flaws, patch now
Security researchers have released a proof-of-concept exploit for a critical-severity vulnerability (CVE-2022-39952) in Fortinet's FortiNAC network access control suite. [...]
New WhiskerSpy malware delivered via trojanized codec installer
Security researchers have discovered a new backdoor called WhiskerSpy used in a campaign from a relatively new advanced threat actor tracked as…
Hackers start using Havoc post-exploitation framework in attacks
Security researchers are seeing threat actors switching to a new and open-source command and control (C2) framework known as Havoc…
ChatGPT Subs In as Security Analyst, Hallucinates Only Occasionally
Incident response triage and software vulnerability discovery are two areas where the large language model has demonstrated success, although false…
RedEyes hackers use new malware to steal data from Windows, phones
The APT37 threat group (aka 'RedEyes' or 'ScarCruft') has been spotted using a new evasive malware named 'M2RAT' along with…
9 New Microsoft Bugs to Patch Now
78 new CVEs patched in this month's batch — nearly half of which are remotely executable and three of which…
Understand And Reduce The Sap Attack Surface
By Christoph Nagy, CEO & Co-Founder, SecurityBridge Knowing the attack surface in today’s world is very important to reduce the…
New ESXiArgs ransomware version prevents VMware ESXi recovery
New ESXiArgs ransomware attacks are now encrypting more extensive amounts of data, making it much harder, if not impossible, to recover…