Malware & Threats CISA Warns of Progress Telerik Vulnerability Exploitation CISA urges federal agencies to apply mitigations for an exploited Progress Telerik vulnerability as soon as possible. Ionut ArghireJune 14, 2024
Malware & Threats Google Warns of Pixel Firmware Zero-Day Under Limited, Targeted Exploitation The zero-day is tagged as CVE-2024-32896 and described as an elevation of privilege issue in Pixel Firmware. Ryan NaraineJune 12, 2024
Malware & Threats Patch Tuesday: Remote Code Execution Flaw in Microsoft Message Queuing The Windows vulnerability carries a CVSS severity score of 9.8/10 and can be exploited by via specially crafted malicious MSMQ packets. Ryan NaraineJune 11, 2024
Malware & Threats Adobe Ships Hefty Batch of Security Patches Patch Tuesday: Adobe fixes critical flaws and warns of the risk of code execution attacks on Windows and macOS platforms. Ryan NaraineJune 11, 2024
Malware & Threats Arm Warns of Exploited Kernel Driver Vulnerability Arm warns that CVE-2024-4610, a Mali GPU kernel driver vulnerability addressed two years ago, is exploited in attacks. Ionut ArghireJune 11, 2024
Malware & Threats Chinese Hackers Exploit Old ThinkPHP Vulnerabilities in New Attacks Akamai warns that a Chinese threat actor is exploiting years-old remote code execution vulnerabilities in ThinkPHP in new attacks. Ionut ArghireJune 6, 2024
Malware & Threats Google, Microsoft: Russian Threat Actors Pose High Risk to 2024 Paris Olympics Google and Microsoft warn of elevated risks of cyber threats facing the 2024 Paris Olympics, especially from Russian threat actors. Ionut ArghireJune 6, 2024
Malware & Threats Multiple Chinese APTs Targeted Southeast Asian Government for Two Years Multiple Chinese state-sponsored groups have targeted a Southeast Asian government in a years-long cyberespionage campaign. Ionut ArghireJune 6, 2024
Malware & Threats Researchers Show How Malware Could Steal Windows Recall Data Cybersecurity researchers are demonstrating how malware could steal data collected by the new Windows Recall feature. Eduard KovacsJune 5, 2024
Malware & Threats CISA Warns of Attacks Exploiting Old Oracle WebLogic Vulnerability CISA has added an old Oracle WebLogic flaw tracked as CVE-2017-3506 to its known exploited vulnerabilities catalog. Eduard KovacsJune 4, 2024
Malware & Threats Identities of Cybercriminals Linked to Malware Loaders Revealed Law enforcement reveals the identities of eight cybercriminals linked to recently disrupted malware loaders. Ionut ArghireJune 3, 2024
Malware & Threats PoC Published for Exploited Check Point VPN Vulnerability PoC code targeting a recent Check Point VPN zero-day has been released as Censys identifies 14,000 internet-accessible appliances. Ionut ArghireJune 3, 2024