Blog Series
Flaw
Zimbra warns of critical zero-day...
Zimbra has warned of a critical zero-day security flaw in its email software that has been actively exploited in the wild. The vulnerability, which has been assigned the CVE identifier...
Mastodon fixes critical...
The maintainers of the open source software that powers the Mastodon social network have released a security update that patches a critical vulnerability that could have allowed hackers to backdoor...
New Android GravityRAT targets WhatsApp...
Security researchers from ESET have discovered an updated version of the Android GravityRAT spyware, which now focuses on infiltrating WhatsApp backups. GravityRAT, a remote access trojan that first emerged in...
Google uncovers severe security flaws...
Google’s Project Zero has discovered 18 zero-day vulnerabilities in Samsung’s Exynos chips, which attackers could use to completely compromise a phone without the user’s knowledge. The flaws affect a wide...
Two buffer overflow vulnerabilities uncovered...
Two buffer overflow vulnerabilities in the Trusted Platform Module (TPM) 2.0 specification could allow attackers to access or replace sensitive data such as cryptographic keys. Quarkslab security researchers uncovered the...
Google patches RCE...
Google has uncovered a critical Remote Code Execution (RCE) vulnerability in Chrome that could allow attackers to take control of affected systems. Users who are concerned about cyber attackers installing...
Mirai malware targets Linux servers...
Unit 42 researchers discovered “Mirai v3g4”, a new variant of the Mirai botnet that targets 13 unpatched vulnerabilities in Internet of Things (IoT) devices. The flaws have been discovered in...
NewsPenguin phishing attack targets maritime...
According to Blackberry researchers, a new phishing campaign dubbed “NewsPenguin” has been targeting Pakistan’s military-industrial complex for months, using an advanced malware tool to steal sensitive information. The campaign, which...
Dota 2 high severity flaw...
A game mode in Dota 2 exploited a high-severity vulnerability, allowing attackers to remotely execute code on the targeted system. The flaw was discovered in September 2022, but it went...
Unpatched QNAP storage devices exposed...
Censys, a security firm, has warned that up to 29,000 network storage devices manufactured by Taiwan-based QNAP are vulnerable to easily executed SQL injection attacks, granting complete control to unauthenticated...
Atlassian resolves critical security...
Atlassian has addressed a serious security vulnerability in its Jira Service Management Server and Data Center that could have allowed an attacker to impersonate another user and gain unauthorized access....