Tens of thousands Windows systems implanted with NSA’s DoublePulsar
Has your Windows machine been implanted with NSA’s DoublePulsar backdoor? If you haven’t implemented the security updates released by Microsoft in March, chances …
Attacks exploiting software vulnerabilities are on the rise
Attacks conducted with the help of exploits are among the most effective as they generally do not require any user interaction, and can deliver dangerous code without arousing …
Oracle fixes Solaris 10 flaw targeted by leaked NSA exploit
Oracle has pushed out a record-breaking 299 fixes for vulnerabilities in its many, many products, and among them is a Solaris 10 bug whose existence has been revealed through …
Microsoft patched the flaws allowing leaked Windows exploits to work
Microsoft has patched the vulnerabilities that allowed nine of the exploits released by the Shadow Brokers on Friday to work, and said that of the three remaining exploits, …
MS Office zero-day is used to infect millions of users with Dridex
The still unpatched MS Office zero-day vulnerability publicized by McAfee and FireEye researchers this weekend is being exploited to deliver the infamous Dridex banking …
Exploit revealed for remote root access vulnerability affecting many router models
Back in January 2013, researchers from application security services firm DefenseCode unearthed a remote root access vulnerability in the default installation of some Cisco …
MS Office zero-day exploited in attacks – no enabling of macros required!
A new zero-day flaw affecting all versions of Microsoft Office is being exploited in attacks in the wild, and no user is safe – not even those who use a fully patched …
How attackers exploit whitelists
If there is a technology or security measure that can help organizations protect their assets from attackers or malware, you can be sure that attackers will try to find a way …
Actively exploited zero-day in IIS 6.0 affects 60,000+ servers
Microsoft Internet Information Services (IIS) 6.0 sports a zero-day vulnerability (CVE-2017-7269) that was exploited in the wild last summer and is likely also being exploited …
Medical washer-disinfector appliance’s web server open to attack
Here’s a string of words that you probably never thought you’ll hear: An Internet-connected washer-disinfector appliance by German manufacturer Miele sports a …
Hijacking Windows user sessions with built-in command line tools
Did you know that by using built-in command line tools, any user with system rights and permissions (usually a local administrator) can hijack the session of any logged-in …
Unpatched flaw opens Ubiquiti Networks devices to compromise
A critical vulnerability in many of Ubiquiti Networks’ networking devices can be exploited by attackers to take over control of the device and, if that device acts as a …
Featured news
Resources
Don't miss
- Threat actors are scanning your environment, even if you’re not
- GoSearch: Open-source OSINT tool for uncovering digital footprints
- Rack Ruby vulnerability could reveal secrets to attackers (CVE-2025-27610)
- Top must-visit companies at RSAC 2025
- Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028)