Security vulnerability

Apple has released emergency security updates to patch a zero-day bug the company describes as exploited in "extremely sophisticated" attacks.…

The specter of security vulnerabilities is a constant concern in today’s digital landscape. They’re the hidden pitfalls that can undermine…

Fortinet has patched CVE-2023-34990 in its Wireless LAN Manager (FortiWLM), which combined with CVE-2023-48782 could allow for unauthenticated remote code…

The Clop ransomware gang has confirmed to BleepingComputer that they are behind the recent Cleo data-theft attacks, utilizing zero-day exploits…

CISA confirmed today that a critical remote code execution bug in Cleo Harmony, VLTrader, and LexiCom file transfer software is being exploited…

The US State Department has offered a $10 million reward for Guan Tianfeng, who has been accused of developing and…

The zero-day (CVE-2024-49138), plus a worryingly critical unauthenticated RCE security vulnerability (CVE-2024-49112), are unwanted gifts for security admins this season.

Ivanti warned customers on Tuesday about a new maximum-severity authentication bypass vulnerability in its Cloud Services Appliance (CSA) solution. [...]

Two men have been arrested for allegedly stealing data from and extorting dozens of companies that used the cloud data…

Amazon confirmed a data breach involving employee information after data allegedly stolen during the May 2023 MOVEit attacks was leaked…