Zeljka Zorz
Attackers are probing Citrix controllers and gateways through recently patched flaws
Earlier this week, Citrix released security updates for Citrix Application Delivery Controller (ADC), Citrix Gateway, and the Citrix SD-WAN WANOP appliance, and urged admins …
Zoom zero-day flaw allows code execution on victim’s Windows machine
A zero-day vulnerability in Zoom for Windows may be exploited by an attacker to execute arbitrary code on a victim’s computer. The attack doesn’t trigger a …
Magecart Group 8 skimmed card info from 570+ online shops
Your payment card information got stolen but you don’t know how, when and where? Maybe you shopped on one of the 570 webshops compromised by the Keeper Magecart group …
Attackers are bypassing F5 BIG-IP RCE mitigation – you might want to patch after all
Attackers are bypassing a mitigation for the BIG-IP TMUI RCE vulnerability (CVE-2020-5902) originally provided by F5 Networks, NCC Group’s Research and Intelligence …
Better cybersecurity hinges on understanding actual risks and addressing the right problems
SANS Technology Institute’s Internet Storm Center (ISC) has been a valuable warning service and source of critical cyber threat information to internet users, …
Attackers are breaching F5 BIG-IP devices, check whether you’ve been hit
Attackers are actively trying to exploit CVE-2020-5902, a critical vulnerability affecting F5 Networks‘ BIG-IP multi-purpose networking devices, to install coin-miners, …
Microsoft fixes two RCE flaws affecting Windows 10 machines
Microsoft has released fixes for two remote code execution (RCE) vulnerabilities in the Microsoft Windows Codecs Library on Windows 10 machines. The vulnerabilities Both flaws …
New EvilQuest macOS ransomware is a smokescreen for other threats
A new piece of ransomware dubbed EvilQuest (aka ThiefQuest) is being delivered bundled up with pirated versions of popular macOS software, researchers warned. But the …
Fake “DNS Update” emails targeting site owners and admins
Attackers are trying to trick web administrators into sharing their admin account login credentials by urging them to activate DNSSEC for their domain. Scam emails lead to …
Critical flaw opens Palo Alto Networks firewalls and VPN appliances to attack, patch ASAP!
Palo Alto Networks has patched a critical and easily exploitable vulnerability (CVE-2020-2021) affecting PAN-OS, the custom operating system running on its next generation …
Magento 1 reaches EOL: Merchants urged to upgrade or risk breaches, falling out of PCI DSS compliance
When Adobe released security updates for Magento last week, it warned that the Magento 1.x branch is reaching end-of-life (EOL) and support (EOS) on June 30, 2020, and that …
Cybercriminals are using IM platforms as marketplaces
Cybercriminals are increasingly using IM platforms like Telegram, Discord, Jabber, WhatsApp, IRC and others to advertise and sell their goods and services, IntSight …
Featured news
Resources
Don't miss
- Google fixes actively exploited Chrome zero-day vulnerability (CVE-2025-10585)
- LinkedIn now uses your data for AI by default, opt out now!
- Behind the scenes of cURL with its founder: Releases, updates, and security
- Product showcase: Exaforce – The full lifecycle AI SOC platform
- AI made crypto scams far more dangerous