Kubernetes vulnerability allows RCE on Windows endpoints (CVE-2023-3676)
Three high-severity Kubernetes vulnerabilities (CVE-2023-3676, CVE-2023-3893, CVE-2023-3955) could allow attackers to execute code remotely and gain control over all Windows …
LockBit leaks sensitive data from maximum security fence manufacturer
The LockBit ransomware group has breached Zaun, a UK-based manufacturer of fencing systems for military sites and critical utilities, by compromising a legacy computer running …
Attackers exploited WinRAR zero-day for months to steal money from brokers (CVE-2023-38831)
Financially-motivated attackers have exploited a zero-day vulnerability in WinRAR (CVE-2023-38831) to trick traders into installing malware that would allow them to steal …
WinRAR vulnerable to remote code execution, patch now! (CVE-2023-40477)
RARLAB has fixed a high-severity RCE vulnerability (CVE-2023-40477) in the popular file archiver tool WinRAR. About CVE-2023-40477 A widely used Windows-only utility, WinRAR …
CyFox disclose Stremio vulnerability, developers don’t agree on findings
UPDATE: August 2, 10:21 AM PT The Stremio team published a blog post saying that they’ve received a report from CyFox, but that they did not consider it valid, so they …
Microsoft patches four exploited zero-days, but lags with fixes for a fifth (CVE-2023-36884)
For July 2023 Patch Tuesday, Microsoft has delivered 130 patches; among them are four for vulnerabilites actively exploited by attackers, but no patch for CVE-2023-36884, an …
PoC exploit released for Cisco AnyConnect, Secure Client vulnerability (CVE-2023-20178)
Proof-of-concept (PoC) exploit code for the high-severity vulnerability (CVE-2023-20178) in Cisco Secure Client Software for Windows and Cisco AnyConnect Secure Mobility …
June 2023 Patch Tuesday: Critical patches for Microsoft Windows, SharePoint, Exchange
For June 2023 Patch Tuesday, Microsoft has delivered 70 new patches but, for once, none of the fixed vulnerabilities are currently exploited by attackers nor were publicly …
Qakbot: The trojan that just won’t go away
Qakbot (aka Qbot) – banking malware-turned-malware/ransomware distribution network – has been first observed in 2007 and is active to this day. The neverending …
New Buhti ransomware uses leaked payloads and public exploits
A newly identified ransomware operation has refashioned leaked LockBit and Babuk payloads into Buhti ransomware, to launch attacks on both Windows and Linux systems. Use of …
Microsoft fixes two actively exploited bugs, one used by BlackLotus bootkit (CVE-2023-29336, CVE-2023-24932)
For May 2023 Patch Tuesday, Microsoft has delivered fixes for 38 CVE-numbered vulnerabilities, including a patch for a Windows bug (CVE-2023-29336) and a Secure Boot bypass …
Microsoft patches zero-day exploited by attackers (CVE-2023-28252)
It’s April 2023 Patch Tuesday, and Microsoft has released fixes for 97 CVE-numbered vulnerabilities, including one actively exploited zero-day (CVE-2023-28252). About …
Featured news
Resources
Don't miss
- The AI safety conversation is focused on the wrong layer
- Critical NetScaler ADC, Gateway flaw may soon be exploited (CVE-2026-3055)
- GitHub-hosted malware campaign uses split payload to evade detection
- Measuring security performance in real-time, not once a quarter
- Attackers are handing off access in 22 seconds, Mandiant finds