vulnerability
Zoom zero-day flaw allows code execution on victim’s Windows machine
A zero-day vulnerability in Zoom for Windows may be exploited by an attacker to execute arbitrary code on a victim’s computer. The attack doesn’t trigger a …
In the age of disruption, comprehensive network visibility is key
IT teams require comprehensive visibility into the network driven by a number of factors, including tremendous disruption from the COVID-19 pandemic, relentless technological …
Attackers are bypassing F5 BIG-IP RCE mitigation – you might want to patch after all
Attackers are bypassing a mitigation for the BIG-IP TMUI RCE vulnerability (CVE-2020-5902) originally provided by F5 Networks, NCC Group’s Research and Intelligence …
Attackers are breaching F5 BIG-IP devices, check whether you’ve been hit
Attackers are actively trying to exploit CVE-2020-5902, a critical vulnerability affecting F5 Networks‘ BIG-IP multi-purpose networking devices, to install coin-miners, …
Microsoft fixes two RCE flaws affecting Windows 10 machines
Microsoft has released fixes for two remote code execution (RCE) vulnerabilities in the Microsoft Windows Codecs Library on Windows 10 machines. The vulnerabilities Both flaws …
40% of security pros say half of cyberattacks bypass their WAF
There are growing concerns around the number of businesses vulnerable to cyberattacks due to hackers’ ability to bypass their Web Application Firewall (WAF), Neustar reveals. …
A Boxcryptor audit shows no critical weaknesses in the software
More and more companies, self-employed and private customers are using Boxcryptor to protect sensitive data – primarily in the cloud. Boxcryptor ensures that nobody but …
Critical flaw opens Palo Alto Networks firewalls and VPN appliances to attack, patch ASAP!
Palo Alto Networks has patched a critical and easily exploitable vulnerability (CVE-2020-2021) affecting PAN-OS, the custom operating system running on its next generation …
New vulnerabilities in open source packages down 20% compared to last year
New vulnerabilities in open source packages were down 20% compared to last year suggesting security of open source packages and containers are heading in a positive direction, …
Massive complexity endangers enterprise endpoint environments
There’s a massive amount of complexity plaguing today’s enterprise endpoint environments. The number of agents piling up on enterprise endpoint devices – up on average – …
How attackers target and exploit Microsoft Exchange servers
Microsoft Exchange servers are an ideal target for attackers looking to burrow into enterprise networks, says Microsoft, as “they provide a unique environment that could …
Duration of application DDoS attacks increasing, some go on for days
There were seven major application DDoS attacks over the previous month — two of which lasted 5-6 days, Imperva reveals. Additionally, the team found that 47% of account …
Featured news
Resources
Don't miss
- Secretless Broker: Open-source tool connects apps securely without passwords or keys
- Product showcase: Protect your data with Apricorn Aegis Secure Key 3NXC
- Microsoft introduces protection against email bombing
- Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463)
- Google patches actively exploited Chrome (CVE‑2025‑6554)