Latest News

CISA has added five bugs to its Known Exploited Vulnerabilities catalog, including the recent WordPad, Skype, and HTTP/2 zero-days.

ICS Patch Tuesday: Siemens and Schneider Electric release over a dozen advisories addressing more than 40 vulnerabilities.

Microsoft says an APT group tracked as Storm-0062 has been hacking Confluence installations since mid-September, three weeks before Atlassian’s disclosure.

Microsoft patches more than 100 vulnerabilities across the Windows ecosystem and warns that three are already being exploited in the wild.

The war with Hamas will inevitably absorb manpower and focus from the cybersecurity sector.

Adobe Commerce customers exposed to code execution, privilege escalation, arbitrary file system read, and security feature bypass attacks.

A Mirai botnet variant tracked as IZ1H9 has updated its arsenal with 13 exploits targeting various routers, IP cameras, and other IoT devices.

SAP has released seven new notes as part of its October 2023 Security Patch Day, all rated ‘medium severity’.

SecurityWeek will host its 2023 Industrial Control Systems (ICS) Cybersecurity Conference from October 23 – 26, 2023 at the InterContinental Atlanta Buckhead.

A zero-day vulnerability named HTTP/2 Rapid Reset has been exploited to launch some of the largest DDoS attacks in history.

Serial entrepreneurs bank an unusually large seed round to apply process mining techniques to solve security governance problems.

A previously unknown APT group is targeting organizations in biomedical, IT, and manufacturing sectors in Taiwan.

A one-click exploit targeting the Libcue component of the GNOME desktop environment could pose a serious threat to Linux systems.

A newly identified Magecart web skimming campaign is tampering with ‘404’ error pages to hide malicious code.

UK-based cable manufacturing giant Volex has been targeted in a cyberattack that involved unauthorized access to IT systems and data.