Please turn on your JavaScript for this page to function normally.
malware
Fake Bitwarden installation packages delivered RAT to Windows users

Windows users looking to install the Bitwarden password manager may have inadvertently installed a remote access trojan (RAT). The ZenRAT malware A malicious website spoofing …

Kubernetes
Kubernetes vulnerability allows RCE on Windows endpoints (CVE-2023-3676)

Three high-severity Kubernetes vulnerabilities (CVE-2023-3676, CVE-2023-3893, CVE-2023-3955) could allow attackers to execute code remotely and gain control over all Windows …

LockBit leaks sensitive data from maximum security fence manufacturer

The LockBit ransomware group has breached Zaun, a UK-based manufacturer of fencing systems for military sites and critical utilities, by compromising a legacy computer running …

WinRAR
Attackers exploited WinRAR zero-day for months to steal money from brokers (CVE-2023-38831)

Financially-motivated attackers have exploited a zero-day vulnerability in WinRAR (CVE-2023-38831) to trick traders into installing malware that would allow them to steal …

WinRAR
WinRAR vulnerable to remote code execution, patch now! (CVE-2023-40477)

RARLAB has fixed a high-severity RCE vulnerability (CVE-2023-40477) in the popular file archiver tool WinRAR. About CVE-2023-40477 A widely used Windows-only utility, WinRAR …

Stremio
CyFox disclose Stremio vulnerability, developers don’t agree on findings

UPDATE: August 2, 10:21 AM PT The Stremio team published a blog post saying that they’ve received a report from CyFox, but that they did not consider it valid, so they …

patch tuesday
Microsoft patches four exploited zero-days, but lags with fixes for a fifth (CVE-2023-36884)

For July 2023 Patch Tuesday, Microsoft has delivered 130 patches; among them are four for vulnerabilites actively exploited by attackers, but no patch for CVE-2023-36884, an …

Cisco
PoC exploit released for Cisco AnyConnect, Secure Client vulnerability (CVE-2023-20178)

Proof-of-concept (PoC) exploit code for the high-severity vulnerability (CVE-2023-20178) in Cisco Secure Client Software for Windows and Cisco AnyConnect Secure Mobility …

patch tuesday
June 2023 Patch Tuesday: Critical patches for Microsoft Windows, SharePoint, Exchange

For June 2023 Patch Tuesday, Microsoft has delivered 70 new patches but, for once, none of the fixed vulnerabilities are currently exploited by attackers nor were publicly …

skull
Qakbot: The trojan that just won’t go away

Qakbot (aka Qbot) – banking malware-turned-malware/ransomware distribution network – has been first observed in 2007 and is active to this day. The neverending …

ransomware
New Buhti ransomware uses leaked payloads and public exploits

A newly identified ransomware operation has refashioned leaked LockBit and Babuk payloads into Buhti ransomware, to launch attacks on both Windows and Linux systems. Use of …

Patch Tuesday
Microsoft fixes two actively exploited bugs, one used by BlackLotus bootkit (CVE-2023-29336, CVE-2023-24932)

For May 2023 Patch Tuesday, Microsoft has delivered fixes for 38 CVE-numbered vulnerabilities, including a patch for a Windows bug (CVE-2023-29336) and a Secure Boot bypass …

Don't miss

Cybersecurity news