Zeljka Zorz
![Ivanti](https://img.helpnetsecurity.com/wp-content/uploads/2024/01/19151341/ivanti-blocks2-1400-400x200.jpg)
PoC exploit for Ivanti EPMM privilege escalation flaw released (CVE 2024-22026)
Technical details about and a proof-of-concept (PoC) exploit for CVE-2024-22026, a privilege escalation bug affecting Ivanti EPMM, has been released by the …
![North Korea](https://img.helpnetsecurity.com/wp-content/uploads/2024/05/17122554/north_korea-offices-400x200.webp)
US exposes scheme enabling North Korean IT workers to bypass sanctions
The US Justice Department had unsealed charges against a US woman and an Ukranian man who, along with three unidentified foreign nationals, have allegedly helped North Korean …
![git](https://img.helpnetsecurity.com/wp-content/uploads/2023/01/19125253/git-19012023-04-400x200.jpg)
Critical Git vulnerability allows RCE when cloning repositories with submodules (CVE-2024-32002)
New versions of Git are out, with fixes for five vulnerabilities, the most critical (CVE-2024-32002) of which can be used by attackers to remotely execute code during a …
![Google Chrome](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/12104156/chrome-wave-400x200.jpg)
Google fixes third exploited Chrome zero-day in a week (CVE-2024-4947)
For the third time in the last seven days, Google has fixed a Chrome zero-day vulnerability (CVE-2024-4947) for which an exploit exists in the wild. About CVE-2024-4947 …
![Foxit PDF Reader](https://img.helpnetsecurity.com/wp-content/uploads/2024/05/15152108/foxit_pdf_reader-malware-1500-400x200.webp)
How attackers deliver malware to Foxit PDF Reader users
Threat actors are taking advantage of the flawed design of Foxit PDF Reader’s alerts to deliver malware via booby-trapped PDF documents, Check Point researchers have …
![Patch Tuesday](https://img.helpnetsecurity.com/wp-content/uploads/2024/05/14201548/patch_tuesday_news2-400x200.webp)
May 2024 Patch Tuesday: Microsoft fixes exploited zero-days (CVE-2024-30051, CVE-2024-30040)
For May 2024 Patch Tuesday, Microsoft has released fixes for 59 CVE-numbered vulnerabilities, including two zero-days (CVE-2024-30051, CVE-2024-30040) actively exploited by …
![Apple](https://img.helpnetsecurity.com/wp-content/uploads/2023/12/01103731/apple-network-400x200.jpg)
Apple backports iOS zero-day patch, adds Bluetooth tracker alert
Apple has backported the patch for CVE-2024-23296 to the iOS 16 branch and has fixed a bug (CVE-2024-27852) in MarketplaceKit that may allow maliciously crafted webpages to …
![social engineering](https://img.helpnetsecurity.com/wp-content/uploads/2023/09/06130307/social_engineering-400x200.jpg)
Black Basta target orgs with new social engineering campaign
Black Basta, one of the most prolific ransomware-as-a-service operators, is trying out a combination of email DDoS and vishing to get employees to download remote access …
![Google Chrome](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/12104204/chrome-connection2-400x200.jpg)
Google fixes Chrome zero-day with in-the-wild exploit (CVE-2024-4671)
Google has fixed a Chrome zero-day vulnerability (CVE-2024-4671), an exploit for which exists in the wild. About CVE-2024-4671 CVE-2024-4671 is a use after free vulnerability …
![F5](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/12101425/f5-1-400x200.jpg)
F5 fixes BIG-IP Next Central Manager flaws with public PoCs (CVE-2024-21793, CVE-2024-26026)
Eclypsium researchers have published details and PoC exploits for two remotely exploitable injection vulnerabilities (CVE-2024-21793, CVE-2024-26026) affecting F5’s BIG-IP …
![Zscaler](https://img.helpnetsecurity.com/wp-content/uploads/2024/05/09151703/zscaler-1500-400x200.webp)
Zscaler swats claims of a significant breach
On Wednesday, a threat actor named “InteIBroker” put up for sale “access to one of the largest cyber security companies” and immediately ignited …
![CVE](https://img.helpnetsecurity.com/wp-content/uploads/2024/02/23122922/cve-1400-400x200.jpg)
CISA starts CVE “vulnrichment” program
The US Cybersecurity and Infrastructure Agency (CISA) has announced the creation of “Vulnrichment,” a new project that aims to fill the CVE enrichment gap created …
Featured news
Sponsored
Don't miss
- ChatGPTriage: How can CISOs see and control employees’ AI use?
- Managing exam pressure: Tips for certification preparation
- Firmware update hides Bluetooth fingerprints
- Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929)
- Risk related to non-human identities: Believe the hype, reject the FUD