Chinese Keyboard Apps Open 1B People to Eavesdropping
Eight out of nine apps that people use to input Chinese characters into mobile devices have weakness that allow a…
CISA Adds 9.8 ‘Critical’ Microsoft SharePoint Bug to its KEV Catalog
It's a tale as old as time: an old, long-since patched vulnerability that remains actively exploited.
Fake Browser Updates Targeting Mac Systems With Infostealer
A pervasive ClearFake campaign targeting Windows systems with Atomic Stealer has expanded its social engineering scams to MacOS users, analysts…
RCE exploit for Wyze Cam v3 publicly released, patch now
A security researcher has published a proof-of-concept (PoC) exploit for Wyze Cam v3 devices that opens a reverse shell and…
Cl0P Gang Sat on Exploit for MOVEit Flaw for Nearly 2 Years
Over that time, the group carried multiple tests to see if the exploit worked and to identify potential victims. It…
Hackers exploit bug in WordPress gift card plugin with 50K installs
Hackers are actively targeting a critical flaw in YITH WooCommerce Gift Cards Premium, a WordPress plugin used on over 50,000…
Microsoft Warns on ‘Achilles’ macOS Gatekeeper Bypass
The latest bypass for Apple's application-safety feature could allow malicious takeover of Macs.
OpenSSL fixes two high severity vulnerabilities, what you need to know
The OpenSSL Project has patched two high-severity security flaws in its open-source cryptographic library used to encrypt communication channels and…
Almost 900 servers hacked using Zimbra zero-day flaw
Almost 900 servers have been hacked using a critical Zimbra Collaboration Suite (ZCS) vulnerability, which at the time was a…
How to Check if Your F5 BIG-IP Device Is Vulnerable
This Tech Tip walks network administrators through the steps to address the latest critical remote code execution vulnerability (CVE-2022-1388) in…