Angler exploit kit starts wielding Silverlight exploits
“Silverlight exploits are the drive-by flavor of the month,” claim Cisco researchers. “Exploit Kit owners are adding Silverlight to their update releases, …
Cybercriminals targeting unlikely sources to carry out high-profile exploits
Cybercriminals continuously discover more ways to successfully target new outlets for financial theft, according to Trend Micro. Greed is motivating cybercriminals to take a …
Small businesses targeted with email-borne exploits
Even though the data gathered by Microsoft points to the fact that cybercriminals now prefer deceptive tactics to exploits, it does not mean that the latter approach has been …
Researchers share details about recent IE 0-day exploit and its delivery
Given that Microsoft has closed the Internet Explorer 0-day vulnerability that was exploited to compromise US-based defense and financial firms, the Sourcefire vulnerability …
IE 0-day exploit actively used in attacks against US-based firms
Late on Saturday, Microsoft has published a security advisory warning about “limited, targeted attacks” exploiting a newly discovered zero day vulnerability that …
0-day Microsoft Word flaw exploited in targeted attacks
Microsoft has issued a security advisory warning of a remote code execution vulnerability that is being exploited in “limited, targeted attacks directed at Microsoft …
Gang wielding ColdFusion exploits expands botnet of hacked e-commerce sites
A German website of French automaker Citro?«n is the latest of the wide array of higher-profile webshop sites that have been compromised by a hacker gang leveraging Adobe …
Over 162,000 WordPress sites exploited in DDoS attack
DNS and NTP servers are not the only publicly accessible resources that can be misused to amplify DDoS attacks. Sucuri CTO Daniel Cid revealed details of a recent incident in …
Malware peddlers are trying out different exploit kits
Websense researchers have been following several recent email spam campaigns targeting users of popular services such as Skype and Evernote, and believe them to be initiated …
Microsoft EMET’s protections can be bypassed, researchers show
Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) is a good piece of software and helpful for protecting non-kernel Microsoft applications and third-party …
Two hacker groups used same IE 0-day exploit in recent attacks
The recently spotted watering hole attacks aimed at the visitors of the official website of the US Veterans of Foreign Wars and of a bogus website mimicking that of the French …
70% Android devices vulnerable to released remote access exploit
The recent release of a Metasploit module that allows attackers to remotely access (“get shell”) on most Android-running devices has again raised a very good …
Featured news
Resources
Don't miss
- Threat actors are scanning your environment, even if you’re not
- GoSearch: Open-source OSINT tool for uncovering digital footprints
- Rack Ruby vulnerability could reveal secrets to attackers (CVE-2025-27610)
- Top must-visit companies at RSAC 2025
- Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028)