Security News

North Korean hackers have exploited a recently patched Google Chrome zero-day (CVE-2024-7971) to deploy the FudModule rootkit after gaining SYSTEM privileges using a Windows Kernel exploit. [...]

The Corona Mirai-based malware botnet is spreading through a 5-year-old remote code execution (RCE) zero-day in AVTECH IP cameras, which have been discontinued for years and will not receive a patch. [...]

There are approximately 163 devices worldwide that are still exposed to attack via the CVE-2024-39717 vulnerability.

The South Korea-aligned cyberespionage group APT-C-60 has been leveraging a zero-day code execution vulnerability in the Windows version of WPS Office to install the SpyGlace backdoor on East...

Advanced, persistent attackers have exploited a zero-day vulnerability (CVE-2024-39717) in Versa Director to compromise US-based managed service providers with a custom-made web shell dubbed...

The Chinese state-backed hacking group Volt Typhoon is behind attacks that exploited a zero-day flaw in Versa Director to upload a custom webshell to steal credentials and breach corporate networks. [...]

Today, Google revealed that it patched the tenth zero-day exploited in the wild in 2024 by attackers or security researchers during hacking contests. [...]

Versa Networks has fixed a zero-day vulnerability exploited in the wild that allows attackers to upload malicious files by exploiting an unrestricted file upload flaw in the Versa Director GUI. [...]

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: PostgreSQL databases under attack Poorly protected PostgreSQL databases running on Linux machines...

Details have emerged about a China-nexus threat group's exploitation of a recently disclosed, now-patched security flaw in Cisco switches as a zero-day to seize control of the appliance and evade...