
Vulnerability in Zyxel firewalls may soon be widely exploited (CVE-2023-28771)
A recently fixed command injection vulnerability (CVE-2023-28771) affecting a variety of Zyxel firewalls may soon be exploited in the wild, Rapid7 researchers have warned, after …

Microsoft fixes two actively exploited bugs, one used by BlackLotus bootkit (CVE-2023-29336, CVE-2023-24932)
For May 2023 Patch Tuesday, Microsoft has delivered fixes for 38 CVE-numbered vulnerabilities, including a patch for a Windows bug (CVE-2023-29336) and a Secure Boot bypass …

Prevent and detect Adobe ColdFusion exploitation (CVE-2023-26360, CVE-2023-26359)
When Adobe released security updates for its ColdFusion application development platform last month, it noted that one of the vulnerabilities (CVE-2023-26360) had been …

Ransomware gangs are exploiting IBM Aspera Faspex RCE flaw (CVE-2022-47986)
Attackers are exploiting a critical vulnerability (CVE-2022-47986) in the IBM Aspera Faspex centralized file transfer solution to breach organizations. About CVE-2022-47986 …

Attackers are developing and deploying exploits faster than ever
While there was a reduction in the widespread exploitation of new vulnerabilities in 2022, the risk remains significant as broad and opportunistic attacks continue to pose a …

PoC for critical ManageEngine bug to be released, so get patching! (CVE-2022-47966)
If your enterprise is running ManageEngine products that were affected by CVE-2022-47966, check now whether they’ve been updated to a non-vulnerable version because …

Tracking the adversary
Raj Samani, SVP, Chief Scientist, Rapid7, discusses the tactics observed from a recent case of espionage, and what can be learned from such observations. This video was …

New Microsoft Exchange exploit chain lets ransomware attackers in (CVE-2022-41080)
Ransomware-wielding attackers are using a new exploit chain that includes one of the ProxyNotShell vulnerabilities (CVE-2022-41082) to achieve remote code execution on …

5 Kali Linux tools you should learn how to use
Kali Linux is a specialized Linux distribution developed by Offensive Security, designed for experienced Linux users who need a customized platform for penetration testing. …

IRISSCERT brings eminent cybersecurity experts to its conference in Dublin
The Irish Reporting and Information Security Service’s (IRISSCERT) Conference on Cybercrime will be on the 10th of November 2022 in the Aviva stadium. This all-day conference …

Apache Commons Text flaw is not a repeat of Log4Shell (CVE-2022-42889)
A freshly fixed vulnerability (CVE-2022-42889) in the Apache Commons Text library has been getting attention from security researchers these last few days, worrying it could …

Unpatched Zimbra RCE bug exploited by attackers (CVE-2022-41352)
A still unpatched vulnerability (CVE-2022-41352) in Zimbra Collaboration is being exploited by attackers to achieve remote code execution on vulnerable servers. About the …