Proof-of-concept exploit code has been released for a top-severity security vulnerability in Progress Flowmon, a tool for monitoring network performance…
Hundreds of initial access brokers and cybercrime gangs are jumping on the max-critical CVE-2024-1709 authentication bypass, threatening orgs and downstream…
Cyberattackers can exploit a vulnerability in JetBrain's continuous integration and delivery (CI/CD) server (a popular APT target) to gain administrative…
Top 5 Most Dangerous Cyber Threats in 2024
SANS Institute experts weigh in on the top threat vectors faced by enterprises and the public at large.
Apple backports fix for RTKit iOS zero-day to older iPhones
Apple has backported security patches released in March to older iPhones and iPads, fixing an iOS Kernel zero-day tagged as…
R Programming Bug Exposes Orgs to Vast Supply Chain Risk
The CVE-2024-27322 security vulnerability in R's deserialization process gives attackers a way to execute arbitrary code in target environments via…
Maximum severity Flowmon bug has a public exploit, patch now
Proof-of-concept exploit code has been released for a top-severity security vulnerability in Progress Flowmon, a tool for monitoring network performance…
Critical Rust flaw enables Windows command injection attacks
Threat actors can exploit a security vulnerability in the Rust standard library to target Windows systems in command injection attacks.…
GitHub’s new AI-powered tool auto-fixes vulnerabilities in your code
GitHub introduced a new AI-powered feature capable of speeding up vulnerability fixes while coding. This feature is in public beta…
ConnectWise ScreenConnect Mass Exploitation Delivers Ransomware
Hundreds of initial access brokers and cybercrime gangs are jumping on the max-critical CVE-2024-1709 authentication bypass, threatening orgs and downstream…
New critical Microsoft Outlook RCE bug is trivial to exploit
Microsoft says remote unauthenticated attackers can trivially exploit a critical Outlook security vulnerability that also lets them bypass the Office…
Patch Now: Critical TeamCity Bug Allows for Server Takeovers
Cyberattackers can exploit a vulnerability in JetBrain's continuous integration and delivery (CI/CD) server (a popular APT target) to gain administrative…
CISA warns of patched iPhone kernel bug now exploited in attacks
CISA warned today that a patched kernel security flaw affecting Apple iPhones, Macs, TVs, and watches is now being actively…