• Proofpoint

June 04, 2025 Nick Attfield and Konstantin Klinger in collaboration with Threatray’s Abdallah Elshinbary and Jonas Wagner This is a two-part blog series, detailing research undertaken in collaboration ... Read more

• Daily CyberSecurity

The Domain Name System (DNS) plays a pivotal role, translating human-friendly domain names into the numerical IP addresses that computers understand. And at the heart of many applications facilitating ... Read more

• Daily CyberSecurity

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning after adding two newly discovered Linux kernel vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, co ... Read more

• Daily CyberSecurity

In a deep dive published by Guy Bruneau, Senior Security Consultant and former network engineer, the lingering dangers of a years-old Cisco vulnerability—CVE-2018-0171—are laid bare with fresh insight ... Read more

• Daily CyberSecurity

LNbits, the modular and extendable Lightning Network wallet server, has patched a critical Server-Side Request Forgery (SSRF) vulnerability that exposed internal services to potential exploitation via ... Read more

• Daily CyberSecurity

A high-severity security vulnerability has been identified in NAKIVO Backup & Replication, a popular data protection solution. The vulnerability, classified as an XML External Entity (XXE) issue and t ... Read more

• Daily CyberSecurity

Recently, the Cybersecurity and Infrastructure Security Agency (CISA) added two significant vulnerabilities to its Known Exploited Vulnerabilities Catalog, highlighting the urgency for users to apply ... Read more

• Daily CyberSecurity

Microsoft Threat Intelligence has disclosed active exploitation of a zero-day vulnerability in the Windows Common Log File System (CLFS), tracked as CVE-2025-29824. The exploit, used in the wild, enab ... Read more

• Daily CyberSecurity

In a recent security advisory, Siemens ProductCERT has revealed multiple critical vulnerabilities affecting the SENTRON 7KT PAC1260 Data Manager. The advisory, published on April 8, 2025, warns that t ... Read more

• Daily CyberSecurity

A newly disclosed vulnerability in Kibana, the popular open-source data visualization front-end for Elasticsearch, has been rated CVSS 8.7 due to its potential to allow remote code injection under spe ... Read more

• Daily CyberSecurity

The Chrome Stable channel has been updated to version 135.0.7049.84/.85 for Windows and Mac, and to 135.0.7049.84 for Linux. This update will be rolling out to users over the coming days and weeks. Th ... Read more

• Daily CyberSecurity

This April, Microsoft’s Patch Tuesday release addresses a significant number of vulnerabilities, highlighting the ever-present need for robust cybersecurity practices. The tech giant rolled out fixes ... Read more

• Kaspersky

Q4 2024 saw fewer published exploits for Windows and Linux compared to the first three quarters. Although the number of registered vulnerabilities continued to rise, the total number of Proof of Conce ... Read more

• The Hacker News

Endpoint Security / Vulnerability Cybersecurity researchers are warning of a new campaign that leverages cracked versions of software as a lure to distribute information stealers like Lumma and ACR St ... Read more

• Cyber Security News

Researchers uncovered an ongoing campaign distributing the Rhadamanthys Infostealer through malicious Microsoft Management Console (MMC) files (.MSC), leveraging both a patched DLL vulnerability and l ... Read more

• TheCyberThrone

In 2024, Microsoft’s Patch Tuesday updates played a critical role in addressing security vulnerabilities across various platforms. Throughout the year, a total of 1,000+ vulnerabilities were patched, ... Read more

• Help Net Security

Microsoft followed their October precedent set with Windows 11 24H2 and announced Microsoft Server 2025 on the first of November. We were expecting the official announcement at Microsoft Ignite near t ... Read more

• Cybersecurity News

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an updated advisory regarding four security vulnerabilities actively exploited in the wild. These vulnerabilities, now included i ... Read more

• Cybersecurity News

Use of DocuSign's official templates, complete with legitimate branding | Image: WallarmIn a sophisticated twist on phishing, cybercriminals are now leveraging DocuSign’s API to send fraudulent invoic ... Read more

• Cybersecurity News

Attack Flow | Image: CofenseA recent report by Adam Martin and Kian Buckley Maher from the Cofense Phishing Defense Center (PDC) has revealed a sophisticated malware loader, PythonRatLoader, that is b ... Read more

• Cybersecurity News

Google has rolled out a crucial update to its Chrome browser, addressing three high-severity security flaws that could be exploited by attackers. The update, versions 130.0.6723.69/.70 for Windows and ... Read more

• Cybersecurity News

In a recent discovery by the SonicWall Capture Labs threat research team, a new malware crypter known as “HORUS Protector” has emerged, presenting a significant threat to cybersecurity defenses. This ... Read more

• Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572) For October 202 ... Read more

• Help Net Security

If you run a self-managed GitLab installation with configured SAML-based authentication and you haven’t upgraded it since mid-September, do it now, because security researchers have published an analy ... Read more

• TheCyberThrone

The US CISA has added below vulnerabilities to its Known exploited vulnerabilities catalog based on the evidence of active exploitationCVE-2024-43047The vulnerability with a CVSS score of 7.8, Multipl ... Read more

• The Cyber Express

Microsoft has released the October 2024 Patch Tuesday, addressing a total of 117 Common Vulnerabilities and Exposures (CVEs). This month’s Microsoft Patch Tuesday update includes three vulnerabilities ... Read more

• security.nl

Tijdens de patchdinsdag van oktober heeft Microsoft meer dan honderd kwetsbaarheden in verschillende producten verholpen, waaronder twee beveiligingslekken in Windows waar aanvallers actief misbruik v ... Read more

• The Hacker News

Microsoft has released security updates to fix a total of 118 vulnerabilities across its software portfolio, two of which have come under active exploitation in the wild. Of the 118 flaws, three are r ... Read more

• TheCyberThrone

Microsoft patched 117 CVEs in October 2024 Patch Tuesday release, with three rated critical, 113 rated important and one rated moderate.27 Elevation of Privilege vulnerabilities7 Security Feature Bypa ... Read more

• Cybersecurity News

Microsoft’s October 2024 Patch Tuesday delivered a crucial set of security updates, addressing a total of 121 vulnerabilities across its ecosystem. This includes three critical vulnerabilities and 114 ... Read more

• The Register

Patch Tuesday It's the second Tuesday of the month, which means Patch Tuesday, bringing with it fixes for numerous flaws, bugs and vulnerabilities in major software. And this one is a doozy. Microsoft ... Read more

• krebsonsecurity.com

Microsoft today released security updates to fix at least 117 security holes in Windows computers and other software, including two vulnerabilities that are already seeing active attacks. Also, Adobe ... Read more

• Dark Reading

Source: fadfebrian via ShutterstockMicrosoft's October security update addressed a substantial 117 vulnerabilities, including two actively exploited flaws and three publicly disclosed but as yet unexp ... Read more

• Help Net Security

For October 2024 Patch Tuesday, Microsoft has released fixes for 117 security vulnerabilities, including two under active exploitation: CVE-2024-43573, a spoofing bug affecting the Windows MSHTML Plat ... Read more