Latest News

Vulnerabilities in industrial routers made by InHand Networks could allow hackers to bypass security systems and gain access to OT networks.

Researchers tracking a remote code execution vulnerability in Zoho’s ManageEngine products are warning organizations to brace for “spray and pray” attacks across the internet.

Canadian liquor distributor Liquor Control Board of Ontario said a web skimmer injected into its online store was used to steal data.

The Department of Defense is launching the third installment of its ‘Hack the Pentagon’ bug bounty program, which will focus on the Facility Related Controls System (FRCS) network.

Software development service CircleCI said a recent data breach was the result of information stealer malware being deployed on an engineer’s laptop.

A top U.S. intelligence official on Thursday urged Congress to renew sweeping powers granted to American spy agencies to surveil and examine communications, saying they were critical to stopping terrorism, cyberattacks and other threats.

Most internet-exposed Cacti installations have not been patched against a critical-severity command injection vulnerability that is being exploited in attacks.

Researchers have seen exploitation attempts targeting a critical Control Web Panel (CWP) vulnerability, following the publication of proof-of-concept (PoC) code in early January.

The first round of security advisories published by Juniper Networks for 2023 cover hundreds of vulnerabilities that have been patched in the networking giant’s products.

Fortinet reported that a recently patched vulnerability tracked as CVE-2022-42475 has been exploited in highly targeted attacks aimed at government organizations.

A Pro-Russian cybercrime group named NoName057(16) is actively launching distributed denial-of-service (DDoS) attacks against organizations in Ukraine and NATO countries.

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to complete vehicle compromise.

Twitter says it has analyzed the recently advertised databases allegedly containing the information of hundreds of millions of its users and found no evidence that a vulnerability has been exploited.

Cisco this week announced that no patches will be released for a critical-severity vulnerability impacting small business RV016, RV042, RV042G, and RV082 routers, which have reached end of life (EoL).

British news organization The Guardian has confirmed that personal information was compromised in a ransomware attack in December 2022.