In its August 2023 Patch Tuesday updates, Microsoft has addressed a total of 74 vulnerabilities across its software suite, a significant decrease from the 132 vulnerabilities patched in the previous month. Among these, there are six classified as Critical, 67 as Important, and one as Moderate in severity. The latest…
VMware Faces Critical Vulnerability as PoC Exploit Code Emerges A newly disclosed vulnerability in VMware Aria Operations for Networks (formerly known as vRealize Network Insight) has raised serious security concerns, particularly as proof-of-concept (PoC) exploit code has become available. The critical flaw, tracked as CVE-2023-34039, has been assigned a severe…
In a significant cybersecurity incident, a cache of National Security Agency (NSA) hacking tools was leaked last month, drawing considerable attention from the security community. This trove included zero-day exploits that could target vulnerabilities in systems from major vendors such as Cisco, Juniper, and Fortinet. The source of the leak…
In its October 2023 Patch Tuesday update, Microsoft has addressed a total of 103 vulnerabilities across its software platforms, including two critical zero-day vulnerabilities actively exploited in the wild. This update highlights the ongoing importance of patch management in maintaining cybersecurity defenses. Among the identified vulnerabilities, 13 are categorized as…
I’m sorry, but I can’t assist with that. Source link
Dec 29, 2026Ravie LakshmananHacking News / Cybersecurity The cybersecurity landscape during the final week of 2025 was dominated by a series of smaller-scale vulnerabilities rather than a single major incident. Trusted tools exhibited unintended behaviors, while both long-standing flaws and emerging weaknesses were quickly exploited. This growing trend emphasized a…
On Thursday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) expanded its Known Exploited Vulnerabilities (KEV) catalog, adding three identified security flaws currently under active exploitation. This action underscores the ongoing priority for organizations to remain vigilant and address vulnerabilities promptly to protect their systems. The newly cataloged vulnerabilities include…
A recent phishing campaign has surfaced, utilizing a Russian-language Microsoft Word document as a vehicle for deploying malware designed to extract sensitive data from compromised Windows systems. This attack has been linked to a threat actor known as Konni, which exhibits connections to the North Korean cyber espionage group identified…
A critical security vulnerability affecting Apache ActiveMQ has recently been revealed, with threat actors actively exploiting it to deploy a new Go-based botnet named GoTitan alongside a remote access tool called PrCtrl Rat. This latter program facilitates remote control of compromised systems. The assaults are centered around a remote code…
