Technology ❯ Software

Vulnerabilities

Zero-Day Exploits CVE Remote Code Execution Exploitation CVE Identifiers Denial of Service Security Flaws Security Updates Windows Kernel Vulnerabilities

DarkSword iPhone Exploit Leaks on GitHub, Threatens Unpatched Devices

A public GitHub leak makes the web exploit easy to reuse against iPhones that have not been updated.

CISA Flags Cisco Firewall Zero-Day Exploited by Interlock, Sets March 22 Patch Deadline

CISA Adds Three Actively Exploited Flaws to KEV, Sets Fast Federal Patching Deadlines

Dell Patches RecoverPoint Zero-Day Exploited Since 2024 by Suspected China Group

Security Warning Links Massive DDoS to 'Kimwolf' Botnet of Android TVs

CISA Forces Three-Day Patch for Actively Exploited SolarWinds Web Help Desk Flaw

APT28 Exploits Newly Patched Microsoft Office Flaw in Targeted Campaigns

n8n Issues Fixes After JFrog Uncovers Sandbox Escapes Allowing Authenticated RCE

CISA Adds Four Actively Exploited Vulnerabilities to KEV Catalog With Feb. 12 Remediation Deadline

Huntress Uncovers Pre-Disclosure ESXi VM-Escape Toolkit Used in December Intrusion

Veeam Ships Fixes for Critical Backup & Replication RCE, Urges Update to 13.0.1.1071

React2Shell Attacks Escalate as Microsoft Confirms Hundreds of Compromised Systems

ICO Fines LastPass £1.2 Million Over 2022 Breach Affecting 1.6 Million UK Users

Barts Health Seeks Court Order After Cl0p Posts Stolen NHS Invoice Files on Dark Web Site

Apple Podcasts Auto-Opens to Unwanted Shows, Raising Security Concerns

WrtHug Campaign Hijacks About 50,000 ASUS Routers Worldwide

Logitech Confirms Data Breach Tied to Third-Party Zero-Day Exploit

GlobalLogic Confirms Oracle EBS Breach Exposed Data on 10,471 Staff as Clop Campaign Widens

Ransomware Payouts Plunge to New Low as Extortionists Pivot to Data Theft

CISA Flags Active Exploits of Windows SMB Privilege Bug, Sets Nov. 10 Patch Deadline