Google Discovers Attack Exploiting Chrome Zero-Day Vulnerability
Google on Monday announced the release of 11 security patches for Chrome, including one for a vulnerability exploited in the wild. read more more…Adobe fixes zero-day exploit in e-commerce code: update now!
There’s a remote code execution hole in Adobe e-commerce products – and cybercrooks are already exploiting it. more…Adobe Releases Emergency Patch for Exploited Commerce Zero-Day
Adobe released an emergency advisory on Sunday to inform Commerce and Magento users of a critical zero-day vulnerability that has been exploited in attacks. read more more…CISA Says ‘HiveNightmare’ Windows Vulnerability Exploited in Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added 16 new CVE identifiers to its list of known exploited vulnerabilities, including a Windows flaw that federal agencies are required to patch within two weeks. read more more…$4.4 Million Stolen From Crypto Firm: Multi-Bridge Exploited
$4.4 Million Stolen From Crypto Firm: Multi-Bridge Exploited l33tdawg Mon, 02/07/2022 – 23:39 more…CISA Orders Federal Agencies to Fix Actively Exploited Windows Bug
CISA Orders Federal Agencies to Fix Actively Exploited Windows Bug l33tdawg Mon, 02/07/2022 – 23:39 more…CISA Urges Organizations to Patch Exploited Windows Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has expanded its list of vulnerabilities known to be exploited in malicious attacks with a recently addressed Windows zero-day flaw. read more more…Volexity Warns of ‘Active Exploitation’ of Zimbra Zero-Day
Malware hunters at Volexity are raising the alarm for a Chinese threat actor seen exploiting a zero-day flaw in the Zimbra email platform to infect media and government targets in Europe. read more more…Zerodium Offering $400,000 for Microsoft Outlook Zero-Day Exploits
The exploit acquisition firm Zerodium this week showed increased interest in buying zero-day exploits targeting the popular email clients Microsoft Outlook and Mozilla Thunderbird. read more more…Apple Patches ‘Actively Exploited’ iOS Security Flaw
Apple late Wednesday pushed out an urgent iOS update with fixes for 11 documented security flaws and warned that one of the vulnerabilities “may have been actively exploited.” In a barebones advisory, Apple acknowledged the zero-day took aim at a memory corruption issue in IOMobileFrameBuffer, an oft-targeted iOS kernel extension. read more more…Apple Pays Out $100,000 for Webcam, User Account Hacking Exploit
A security researcher claims to have received a significant bug bounty from Apple for reporting a series of Safari and macOS vulnerabilities that could have been exploited to hijack a user’s online accounts and webcam. read more more…SonicWall Customers Warned of Possible Attacks Exploiting Recent Vulnerability
Hackers have started targeting a recently patched vulnerability affecting SonicWall’s Secure Mobile Access (SMA) 100 series appliances, and while the attacks observed to date do not appear to have been successful, that could soon change. read more more…CWP Flaws That Expose Servers to Remote Attacks Possibly Exploited in the Wild
Researchers discovered that the Control Web Panel (CWP) web hosting panel is affected by two serious vulnerabilities that can allow attackers to remotely hack servers, and it’s possible that they may have already been exploited in the wild. read more more…Exploit Code Released for Critical Windows HTTP Flaw
Exploit Code Released for Critical Windows HTTP Flaw l33tdawg Wed, 01/19/2022 – 23:29 more…Project Zero: Zoom Platform Missed ASLR Exploit Mitigation
A prominent security researcher poking around at the Zoom video conferencing platform found worrying signs the company failed to enable a decades-old anti-exploit mitigation, a blunder that greatly increased exposure to malicious hacker attacks. read more more…Ukraine Attacks Involved Exploitation of Log4j, October CMS Vulnerabilities
CISA Warns Organizations of ‘Critical Threats’ Following Ukraine Attacks read more more…More information
- Highly Popular NPM Packages Poisoned in New Supply Chain Attack
- Hacked 3D printers could commit industrial sabotage
- Bitcoin hoax dupes Mac users into wiping their hard drives
- Microsoft SQL Server CVE-2018-8273 Remote Code Execution Vulnerability
- Facebook’s new ad sales plan raises hackles in Germany
- Does cyber insurance make us more (or less) secure?
- How to set up 802.1X client settings in Windows
- Microsoft SharePoint Server CVE-2018-0869 Remote Privilege Escalation Vulnerability
- 3 Questions to Ask Your DNS Host about Lowering DDoS Risks
- Google unveils payments protocol for AI agents with major financial firms