Please turn on your JavaScript for this page to function normally.
cyber threat
Pioneer Kitten: Iranian hackers partnering with ransomware affiliates

A group of Iranian hackers – dubbed Pioneer Kitten by cybersecurity researchers – is straddling the line between state-contracted cyber espionage group and initial …

BlackByte ransomware
BlackByte affiliates use new encryptor and new TTPs

BlackByte, the ransomware-as-a-service gang believed to be one of Conti’s splinter groups, has (once again) created a new iteration of its encryptor. “Talos …

Fortra FileCatalyst
Critical Fortra FileCatalyst Workflow vulnerability patched (CVE-2024-6633)

Organizations using Fortra’s FileCatalyst Workflow are urged to upgrade their instances, so that attackers can’t access an internal HSQL database by exploiting …

malware
Versa Director zero-day exploited to compromise ISPs, MSPs (CVE-2024-39717)

Advanced, persistent attackers have exploited a zero-day vulnerability (CVE-2024-39717) in Versa Director to compromise US-based managed service providers with a custom-made …

SonicWall
SonicWall patches critical flaw affecting its firewalls (CVE-2024-40766)

SonicWall has patched a critical vulnerability (CVE-2024-40766) in its next-gen firewalls that could allow remote attackers unauthorized access to resources and, in specific …

SolarWinds
Another critical SolarWinds Web Help Desk bug fixed (CVE-2024-28987)

A week after SolarWinds released a fix for a critical code-injection-to-RCE vulnerability (CVE-2024-28986) in Web Help Desk (WHD), another patch for another critical flaw …

GitHub
Critical GitHub Enterprise Server auth bypass flaw fixed (CVE-2024-6800)

A critical vulnerability (CVE-2024-6800) affecting all currently supported versions of GitHub Enterprise Server (GHES) may allow attackers to gain unrestricted access to the …

Google Chrome
New Chrome zero-day actively exploited, patch quickly! (CVE-2024-7971)

A new Chrome zero-day vulnerability (CVE-2024-7971) exploited by attackers in the wild has been fixed by Google. About CVE-2024-7971 CVE-2024-7971 is a high-severity …

PostgreSQL
PostgreSQL databases under attack

Poorly protected PostgreSQL databases running on Linux machines are being compromised by cryptojacking attackers. The attack – observed by Aqua Security researchers on a …

hardware
Microchip Technology manufacturing facilities impacted by cyberattack

American semiconductor manufacturer Microchip Technology Incorporated has had some of its business operations disrupted by a cyberattack. “As a result of the incident, …

North Korea
0-day in Windows driver exploited by North Korean hackers to deliver rootkit (CVE-2024-38193)

CVE-2024-38193, an actively exploited zero-day that Microsoft patched earlier this month, has been leveraged by North Korean hackers to install a rootkit on targets’ …

Apple Windows
Vulnerabilities in Microsoft macOS apps may give attackers access to microphone, camera

Vulnerabilities in popular Microsoft apps for macOS can be abused by attackers to record video and audio clips, take pictures, access and exfiltrate data and send emails, …

Don't miss

Cybersecurity news