Thousands of DrayTek Routers at Risk From 14 Vulnerabilities
Several of the flaws enable remote code execution and denial-of-service attacks while others enable data theft, session hijacking, and other…
CISA warns of Windows bug exploited in ransomware attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity Windows vulnerability abused in ransomware attacks as a…
Exploit for critical Veeam auth bypass available, patch now
A proof-of-concept (PoC) exploit for a Veeam Backup Enterprise Manager authentication bypass flaw tracked as CVE-2024-29849 is now publicly available, making…
Chinese Keyboard Apps Open 1B People to Eavesdropping
Eight out of nine apps that people use to input Chinese characters into mobile devices have weakness that allow a…
CISA Adds 9.8 ‘Critical’ Microsoft SharePoint Bug to its KEV Catalog
It's a tale as old as time: an old, long-since patched vulnerability that remains actively exploited.
Fake Browser Updates Targeting Mac Systems With Infostealer
A pervasive ClearFake campaign targeting Windows systems with Atomic Stealer has expanded its social engineering scams to MacOS users, analysts…
RCE exploit for Wyze Cam v3 publicly released, patch now
A security researcher has published a proof-of-concept (PoC) exploit for Wyze Cam v3 devices that opens a reverse shell and…
Cl0P Gang Sat on Exploit for MOVEit Flaw for Nearly 2 Years
Over that time, the group carried multiple tests to see if the exploit worked and to identify potential victims. It…
Hackers exploit bug in WordPress gift card plugin with 50K installs
Hackers are actively targeting a critical flaw in YITH WooCommerce Gift Cards Premium, a WordPress plugin used on over 50,000…
Microsoft Warns on ‘Achilles’ macOS Gatekeeper Bypass
The latest bypass for Apple's application-safety feature could allow malicious takeover of Macs.