Cyberwarfare Russia Blames US Intelligence for iOS Zero-Click Attacks Kaspersky said its corporate network has been targeted with a zero-click iOS exploit, just as Russia's FSB said iPhones have been targeted by US... Eduard KovacsJune 1, 2023
Vulnerabilities Apple Ships Urgent iOS Patch for Newly Exploited Zero-Days The newest iOS 16.4.1 and iPadOS 16.4.1 patches a pair of code execution flaws that have already been exploited in the wild. Ryan NaraineApril 7, 2023
Threat Intelligence Most Weaponized Vulnerabilities of 2022 and 5 Key Risks: Report A new research report discusses the five most exploited vulnerabilities of 2022, and the five key risks that security teams should consider. Kevin TownsendMarch 29, 2023
Nation-State Microsoft: No-Interaction Outlook Zero Day Exploited Since Last April Microsoft says it has evidence that Russian APT actors were exploiting a nasty Outlook zero-day as far back as April 2022, upping the stakes... Ryan NaraineMarch 27, 2023
Vulnerabilities Attacks Targeting Realtek SDK Vulnerability Ramping Up Security researchers have observed an uptick in attacks targeting CVE-2021-35394, an RCE vulnerability in Realtek Jungle SDK. Ionut ArghireJanuary 24, 2023
Vulnerabilities In-the-Wild Exploitation of Recent ManageEngine Vulnerability Commences Organizations are being compromised in attacks exploiting a recently patched Zoho ManageEngine vulnerability. Ionut ArghireJanuary 20, 2023
Nation-State Chinese Hackers Exploited Fortinet VPN Vulnerability as Zero-Day A China-linked hackers are exploiting a vulnerability (CVE-2022-42475 ) in Fortinet FortiOS SSL-VPN, Mandiant claims. Ionut ArghireJanuary 20, 2023