vulnerability
![vulnerabilities](https://img.helpnetsecurity.com/wp-content/uploads/2023/07/11095101/vunerabilities-400x200.jpg)
Top 12 vulnerabilities routinely exploited in 2022
Cybersecurity agencies from member countries of the Five Eyes intelligence alliance have released a list of the top 12 vulnerabilities routinely exploited in 2022, plus 30 …
![VPN](https://img.helpnetsecurity.com/wp-content/uploads/2023/08/02120400/vpn-tunnel-400x200.jpg)
VPNs remain a risky gamble for remote access
Organizations are expressing deep concerns about their network security due to the risks from VPNs, according to a new Zscaler report. The report stresses the need for …
![Ivanti](https://img.helpnetsecurity.com/wp-content/uploads/2023/07/31150730/ivanti2-400x200.jpg)
Ivanti discloses another vulnerability in MobileIron Core (CVE-2023-35082)
Ivanti has disclosed a critical vulnerability (CVE-2023-35082) affecting old, out-of-support versions of MobileIron Core, an enterprise device solution that has since been …
![Salesforce](https://img.helpnetsecurity.com/wp-content/uploads/2023/08/02160324/salesforce1-400x200.jpg)
Salesforce and Meta suffer phishing campaign that evades typical detection methods
The Guardio research team discovered an email phishing campaign exploiting a zero-day vulnerability in Salesforce’s legitimate email services and SMTP servers. Phishing email …
![Android](https://img.helpnetsecurity.com/wp-content/uploads/2019/09/09093409/android4-400x200.jpg)
Android n-day bugs pose zero-day threat
In the Android ecosystem, n-day vulnerabilities are almost as dangerous as zero-days, according to Google’s review of zero-days exploited in the wild in 2022. N-days …
![Stremio](https://img.helpnetsecurity.com/wp-content/uploads/2023/07/31143755/stremio-1400-400x200.jpg)
CyFox disclose Stremio vulnerability, developers don’t agree on findings
UPDATE: August 2, 10:21 AM PT The Stremio team published a blog post saying that they’ve received a report from CyFox, but that they did not consider it valid, so they …
![Ivanti](https://img.helpnetsecurity.com/wp-content/uploads/2023/07/31150732/ivanti1-400x200.jpg)
Ivanti fixes second zero-day exploited by attackers (CVE-2023-35081)
Another actively exploited zero-day vulnerability (CVE-2023-35081) affecting Ivanti Endpoint Manager Mobile (EPMM) has been identified and fixed. The first zero-day spotted …
![Barracuda](https://img.helpnetsecurity.com/wp-content/uploads/2023/05/30185447/barracuda-hands-400x200.jpg)
New persistent backdoor used in attacks on Barracuda ESG appliances
The Cybersecurity and Infrastructure Agency (CISA) has published an analysis report on the backdoors dropped by attackers exploiting CVE-2023-2868, a remote command injection …
![Mikrotik](https://img.helpnetsecurity.com/wp-content/uploads/2023/07/26130436/mikrotik1-400x200.jpg)
MikroTik vulnerability could be used to hijack 900,000 routers (CVE-2023-30799)
A privilege escalation vulnerability (CVE-2023-30799) could allow attackers to commandeer up to 900,000 MikroTik routers, says VulnCheck researcher Jacob Baines. While …
![Apple](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/12104923/apple-bkg1-400x200.jpg)
Apple fixes exploited zero-day in all of its OSes (CVE-2023-38606)
Apple has patched an exploited zero-day kernel vulnerability (CVE-2023-38606) in iOS, iPadOS, macOS, watchOS and tvOS. CVE-2023-38606 fix has been backported In early July, …
![Pieter Danhieux](https://img.helpnetsecurity.com/wp-content/uploads/2023/07/14112052/pieter_danhieux-2-secure_code_warrior-400x200.jpg)
Inspiring secure coding: Strategies to encourage developers’ continuous improvement
In software development, the importance of secure coding practices cannot be overstated. Fostering a security culture within development teams has become crucial to ensure the …
![large language models](https://img.helpnetsecurity.com/wp-content/uploads/2023/07/11160742/llms-3-400x200.jpg)
LLMs and AI positioned to dominate the AppSec world
As modern software trends toward distributed architectures, microservices, and extensive use of third-party and open source components, dependency management only gets harder, …
Featured news
Sponsored
Don't miss
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?
- Managing exam pressure: Tips for certification preparation
- Firmware update hides Bluetooth fingerprints
- Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929)