The exploited zero-day, tagged as CVE-2024-0519, is described as an out-of-bounds memory access issue in the V8 JavaScript engine.
Hi, what are you looking for?
The exploited zero-day, tagged as CVE-2024-0519, is described as an out-of-bounds memory access issue in the V8 JavaScript engine.
Quarkslab finds serious, remotely exploitable vulnerabilities in EDK II, the de-facto open source reference implementation of the UEFI spec.
The tool, called FBot, is capable of credential harvesting for spamming attacks, and AWS, PayPal and SaaS account hijacking.
Ivanti confirms active zero-day exploits, ships pre-patch mitigations, but says comprehensive fixes won't be available until January 22.
Patch Tuesday: Redmond patches critical, remote code execution vulnerabilities haunting Windows Kerberos and Windows Hyper-V.
Delinea acquires Israeli startup Authomize to add identity threat detection and response (IDTR) technologies to its product portfolio.
Patch Tuesday: Adobe patches six security flaws in the Substance 3D Stager product and warned of code execution risks on Windows and macOS.
Elevate Security raised $18.3 million in venture capital financing and scored investments from the likes of Cisco and CrowdStrike.
Late-stage player in the CNAPP space secures a $60 million extended Series E funding round at a valuation north of $1 billion.
SentinelOne plans to acquire PingSafe in a cash-and-stock deal that adds cloud native application protection platform (CNAPP) technologies.
SonicWall announces the acquisition of Banyan Security, a deal that adds zero-trust network access tooling to its product portfolio.
Isovalent raised about 70 million in funding from prominent investors including Microsoft's venture fund, Google, and Andreessen Horowitz.