Akamai researchers have published a PoC exploit for a critical vulnerability (CVE-2022-34689) in Windows CryptoAPI, which validates public key certificates. “An attacker …
Tricking users at targeted organizations into installing legitimate remote monitoring and management (RMM) software has become a familiar pattern employed by financially …
The hackers who breached Riot Games last week are asking for $10 million not to leak the stolen source code for the company’s popular League of Legends online game. The …
VMware has fixed two critical (CVE-2022-31706, CVE-2022-31704) and two important (CVE-2022-31710, CVE-2022-31711) security vulnerabilities in VMware vRealize Log Insight, its …
GoTo (formerly LogMeIn) has confirmed on Monday that attackers have stolen customers’ encrypted backups from a third-party cloud storage service related to its Central, …
Apple has released security updates for macOS, iOS, iPadOS and watchOS, patching – among other things – a type confusion flaw in the WebKit component …
The European Union Agency for Cybersecurity (ENISA) has made available Awareness Raising in a Box (AR-in-a-BOX), a “do it yourself” toolbox to help organizations …
A source code audit has revealed two critical vulnerabilities affecting git, the popular distributed version control system for collaborative software development. The latest …
Two vulnerabilities (CVE-2022-4873, CVE-2022-4874) found in three NetComm router models could be exploited to achieve remote code execution on vulnerable devices, and …
The FBI has recently warned the public about search engine ads pushing malware diguised as legitimate software – an old tactic that has lately resulted in too many …
If your enterprise is running ManageEngine products that were affected by CVE-2022-47966, check now whether they’ve been updated to a non-vulnerable version because …
The attackers who pulled off the recent breach of continuous integration and continuous delivery (CI/CD) platform maker CircleCI got in by compromising an engineer’s …