Cring ransomware actors are actively exploiting older vulnerabilities in ColdFusion servers and Fortigate VPNs to cripple industrial organizations. The Cring… Read More
Rapid7 unearthed a malicious campaign targeting Windows 10 running on Chrome browsers. The objective of the campaign is to obtain… Read More
Google announced that it will pay researchers to find exploits using vulnerabilities, over the next three months as part of… Read More
A now-patched critical RCE vulnerability in GitLab's web interface is being actively exploited in the wild, rendering a large number… Read More
A now-patched critical remote code execution (RCE) vulnerability in GitLab's web interface has been detected as actively exploited in the… Read More
After Internet Explorer, Magnitude Exploit Kit has been observed infecting Chromium-based browsers running on Windows OS in a series of… Read More
Cryptocurrency scammers are exploiting Apple’s Enterprise Developer Program to get bogus trading apps onto their marks’ iPhones. Sophos Labs observed… Read More
Qualys researchers reported that several older vulnerabilities, with existing patches, in software made by several Oracle and Adobe are being… Read More
In its notification to customers, Coinbase explains that between March and May 20th, 2021, a threat actor conducted a hacking… Read More
The company is coordinating with multiple CERT organizations worldwide to take down the botnet's infrastructure by shutting down all detected… Read More
Telegram channels have become quite the hot seat for threat actors. Lately, a new Remote Access Trojan (RAT) has entered… Read More
A simple scanner/exploitation tool written in GO which automatically exploits known and existing gadgets (checks for specific variables in the… Read More
A simple scanner/exploitation tool written in GO which automatically exploits known and existing gadgets (checks for specific variables in the… Read More
After gaining access to the server, the APT actors moved laterally through the network and created new domain controller, server,… Read More
Stolen API keys are being increasingly sold on hacker forums. Cyber adversaries are exploiting cryptocurrency exchange API keys and using… Read More
A financially motivated threat group, tracked as UNC2447, was spotted exploiting a previously disclosed zero-day flaw in SonicWall’s Secure Mobile… Read More