More results...
Google has tripled the full reward amount for the first security bug report that includes a functional full chain exploit of its popular Chrome browser. Six months of higher rewards for a Chrome full chain exploit The Chrome Vulnerability Rewards Progr…
Kaspersky said its corporate network has been targeted with a zero-click iOS exploit, just as Russia’s FSB said iPhones have been targeted by US intelligence.
The post Russia Blames US Intelligence for iOS Zero-Click Attacks appeared first on Security…
CVE-2023-28771, the critical command injection vulnerability affecting many Zyxel firewalls, is being actively exploited by a Mirai-like botnet, and has been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog. About CVE-2023-28771 CVE-…
The US Cybersecurity and Infrastructure Security Agency (CISA) has included a newly patched critical severity flaw in Zyxel gear to its catalog of Known Exploited Vulnerabilities (KEV). The agency noted that the security flaw was added to the list beca…
The owner of WordPress, Automat, has started the process of force installing a security update on millions of websites. The security update is being installed with the help of the WordPress Security Team. The patch will help address a critical vulnerab…
Barracuda says that the recently discovered compromise of some of it clients’ ESG appliances via a zero-day vulnerability (CVE-2023-2868) resulted in the deployment of three types of malware and data exfiltration. The company did not say how many…
Threat actors are abusing generative AI to carry out child sex abuse material (CSAM), disinformation, fraud and extremism, according to ActiveFence. “The explosion of generative AI has far-reaching implications for all corners of the internet,…
A new botnet known as Dark Frost has been detected to be behind a distributed denial-of-service (DDoS) attack within the gaming industry. The botnet has expanded in terms of activity and it has now resulted in the compromise of hundreds of devices that…
Hackers have been launching ongoing attacks targeting WordPress sites. These attacks have been targeted at an unauthenticated stored cross-site scripting (XSS) vulnerability within a WordPress cookie consent plugin known as Beautiful Cookie Consent Ban…
When it comes to securing applications, the best solution that any organization can use is Static Application Security Testing (SAST). This is not only a great solution but a crucial part of any comprehensive application security strategy. By using SAS…