Malware & Exploits

Denial of Service (DoS) attacks are a special type of cybersecurity threat. The attacker does not need to hack your systems or find a gap in your security posture. The...

We first reported on W4SP Stealer in November in response to widespread news of a new Python supply chain attack. Unfortunately, as it so often happens, W4SP Stealer looks like...

There is one vulnerability exploited every 2 hours and attackers can cause significant disruption, downtime, and revenue loss. Before divulging into the cloud patching know-how, it’s imperative to learn about...

As part of developing and testing new patches, the KernelCare team has reevaluated the impact of the Retbleed patches. We have serious concerns that the patches may introduce instability and...

We continue to look at the code issues that cause the vulnerabilities impacting the IT world. In this installment of our five-part blog series exploring these bugs, we go through...

Last year, CISA created a list of vulnerabilities being actively exploited and a list of applications directly affected by those vulnerabilities. Over time, the list has been updated to reflect...

It’s common to hear about new vulnerabilities and exploits, some of which even get fancy names of their own, but sometimes the details of how they appear are buried under...

ESET researchers have uncovered the malicious activities of Lazarus, a North Korean hacking group that exploits a Dell hardware driver flaw for Bring Your Own Vulnerable Driver attacks. In order...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a Bitbucket Server RCE and two Microsoft Exchange zero-days to its list of exploited vulnerabilities. The Bitbucket flaw is a...

While many were away enjoying some well-deserved R&R, security researchers, hackers wearing hats of all different colors, and intelligence agents from all over the world congregated at the Black Hat...

According to researchers from Lumen-based Black Lotus Lab, a new Chaos malware is targeting multiple architectures to spread DDoS, cryptocurrency miners, and install backdoors. The malware is written in Go...