CISA adds Zimbra email bug to Known Exploited Vulnerabilities Catalog
US Critical Infrastructure Security Agency (CISA) adds a recently disclosed flaw in the Zimbra email suite to its Known Exploited...
US Critical Infrastructure Security Agency (CISA) adds a recently disclosed flaw in the Zimbra email suite to its Known Exploited...
peetch is a collection of tools aimed at experimenting with different aspects of eBPF to bypass TLS protocol protections. Currently,...
A threat actor, tracked as TAC-040, exploited Atlassian Confluence flaw CVE-2022-26134 to deploy previously undetected Ljl Backdoor. Cybersecurity firm Deepwatch...
RapperBot is a new botnet employed in attacks since mid-June 2022 that targets Linux SSH servers with brute-force attacks. Researchers...
An unknown threat actor is targeting Russian organizations with a new remote access trojan called Woody RAT. Malwarebytes researchers observed an...
A critical flaw in multiple models of DrayTek Vigor routers can allow unauthenticated, remote attackers to fully compromise affected devices....
Taiwan government websites were temporarily forced offline by cyber attacks during the visit to Taipei of US House Speaker Nancy...
A fast tool to scan SAAS,PAAS App written in Go SAAS App Support : salesforce contentful (next version) Note flag...
The cryptocurrency bridge Nomad is the last victim of a cyber heist, threat actors stole almost $200 million of its...
Cisco fixes critical remote code execution vulnerability, tracked as CVE-2022-20842, impacting Small Business VPN routers. Cisco addressed a critical security...
Semikron, a German-based independent manufacturer of power semiconductor components, suffered a ransomware cyberattck. Semikron is a German-based independent manufacturer of power semiconductor components, it...
Researchers spotted a Chinese threat actors using a new offensive framework called Manjusaka which is similar to Cobalt Strike. Talos...
Google addressed a critical vulnerability in Android OS, tracked as CVE-2022-20345, that can be exploited to achieve remote code execution...
Kage (ka-geh) is a tool inspired by AhMyth designed for Metasploit RPC Server to interact with meterpreter sessions and generate...
Many experts often overlook hardware based security and its vital importance in establishing a secure workspace. When it comes to...
VMware patched a critical authentication bypass security flaw, tracked as CVE-2022-31656, impacting local domain users in multiple products. VMware has...
An affiliate of the LockBit 3.0 RaaS operation has been abusing the Windows Defender command-line tool to deploy Cobalt Strike payloads. During...
Gootkit access-as-a-service (AaaS) malware is back with tactics and fileless delivery of Cobalt Strike beacons. Gootkit runs on an access-a-as-a-service model, it...
Austria is investigating a report that an Austrian firm DSIRF developed spyware targeting law firms, banks and consultancies. At the...
The ALPHV/BlackCat ransomware gang claims to have breached the European gas pipeline Creos Luxembourg S.A. The ALPHV/BlackCat ransomware gang claims...
An Australian national has been charged for the creation and sale of the Imminent Monitor (IM) spyware, which was also used...
Quietly enumerate an Active Directory Domain via LDAP parsing users, admins, groups, etc. Created by Nick Swink from Layer 8...
A vulnerability, tracked as CVE-2022-30563, impacting Dahua IP Camera can allow attackers to seize control of IP cameras. The CVE-2022-30563...
The Federal Communications Commission (FCC) warned Americans of the rising threat of smishing (robotexts) attacks. The Federal Communications Commission (FCC)...