Home Search
vulnerability - search results
If you're not happy with the results, please do another search
DarkGate Malware Campaign Targets Microsoft Windows Zero-Day Vulnerability
Hackers exploited a Windows zero-day (CVE-2024-21412) to deliver DarkGate malware via fake software installers.
Microsoft Finally Patches Windows Rootkit Vulnerability Exploited by North Korean Lazarus Group Hackers
A critical Windows flaw allowed Lazarus hackers to install a rootkit. Avast reported it in August 2023 but Microsoft took 6 months to patch
CISA Elevates Microsoft Streaming Service Vulnerability to KEV Catalog
CISA urgently warns of a critical Microsoft vulnerability (CVE-2023-29360) exploited in attacks.
Massive Vulnerability in Microsoft Exchange Threatens Tens of Thousands of Servers
Major Microsoft Exchange flaw impacts almost 100K servers, allowing attackers to bypass security and potentially steal data.
Microsoft Addresses Critical Azure Pipelines Vulnerability with Urgent Patch
Microsoft issues patch for critical Azure Pipelines flaw affecting open-source projects.
Microsoft Introduces Vulnerable Components Inventory in Defender Vulnerability Management
Microsoft Defender expanded with a feature listing vulnerable components like Log4j, simplifying identification and fixing of software security risks.
Windows Defender SmartScreen Vulnerability CVE-2023-36025 Bypassed by Phemedrone Stealer
New virus "Phemedrone Stealer" targets unpatched Windows machines, stealing data from browsers, wallets, and more.
Apple iOS Vulnerability Exposed by Kaspersky Points to iPhone Weakness
Kaspersky researchers discovered a critical hardware vulnerability in iPhones, impacting devices up to iOS 16.6.
Android 14 and 13 Users Warned of New Security Vulnerability
Android 14 and 13 have a lock screen bypass bug allowing access to private data if Google Maps' Driving Mode is enabled.
Android Autofill Compromised: AutoSpill Vulnerability Threatens User Credentials
Researchers find flaw in Android password managers that can expose user credentials. "AutoSpill" misdirects password autofill within apps
Microsoft Exchange Accounts at Risk: Exploitation of Outlook Vulnerability
Russian group Fancybear hacked Microsoft Exchange accounts in US, Europe, and Middle East using a patched Windows Outlook flaw (CVE-2023-23397)
Researchers Uncover Zoom Rooms Vulnerability Allowing Unauthorized Access
Researchers have discovered a critical vulnerability in Zoom Rooms that could allow attackers to access sensitive data.
ChatGPT Vulnerability Revealed: Repeating Words Triggers Training Data Leakage
Researchers found that prompting ChatGPT to repeat a word repeatedly can extract its training data. OpenAI has yet to respond.
Intel Releases Emergency CPU Update to Address High-Severity Vulnerability
Intel has released microcode updates to address a high-severity bug, "Reptar" (CVE-2023-23583), affecting various Intel processors.
SysAid Releases Patch for Zero-Day Vulnerability Exploited by Clop Ransomware
SysAid has patched a critical zero-day flaw exploited by the Clop ransomware group to compromise corporate servers.
Federal Security Faces Serious Risk from Latest Chrome Zero-Day Vulnerability
Google has until October 23, a three-week deadline, to fix a vulnerability in Chrome.
Cybersecurity Experts: EU Cyber Resilience Act’s Vulnerability Disclosure Policy Paves Way for New Threats
Cybersecurity experts globally have penned an open letter advocating for a risk-based approach to vulnerability disclosure, emphasizing severity, potential impact, and mitigation strategies.
Apple Releases Urgent Zero-Day Vulnerability Patches
Recent Apple security vulnerabilities could let attackers run code, bypass signature checks, and increase privileges.
Microsoft Advises Users to Install Intel Platform Update (IPU) 23.3 to Mitigate Downfall Vulnerability
Microsoft has released mitigations for the Downfall vulnerability, a transient execution attack that impacts Intel CPUs.
Hackers Exploit WinRAR Vulnerability to Target Financial Traders
Hackers can infiltrate the victims' brokerage accounts, facilitating unauthorized financial transactions and fund withdrawals.