exploit

December 24, 2024

Node.js systeminformation Package Vulnerability Exposes Millions of Systems to RCE Attacks

A critical command injection vulnerability in the popular systeminformation npm package has recently been disclosed, exposing millions of systems to potential remote…
Read More »
December 21, 2024

Windows 11 Vulnerability Lets Attackers Execute Code to Gain Access

Microsoft has swiftly addressed a critical security vulnerability affecting Windows 11 (version 23H2), which could allow local attackers to escalate…
Read More »
December 21, 2024

Foxit PDF Editor Vulnerabilities Allows Remote Code Execution

Foxit Software has issued critical security updates for its widely used PDF solutions, Foxit PDF Reader and Foxit PDF Editor.…
Read More »
December 17, 2024

Cyber Criminals Exploit Windows Management Console to Deliver Backdoor Payloads

A recent campaign dubbed FLUX#CONSOLE has come to light, leveraging Microsoft Common Console Document (.MSC) files to infiltrate systems with backdoor malware.…
Read More »
December 16, 2024

Hackers Exploiting Apache Struts2 Vulnerability to upload Malicious Payloads

Hackers have begun exploiting a newly discovered vulnerability in Apache Struts2, a widely used open-source framework for developing Java web…
Read More »
December 12, 2024

Researchers Uncover Symlink Exploit Allowing TCC Bypass in iOS and macOS

Details have emerged about a now-patched security vulnerability in Apple’s iOS and macOS that, if successfully exploited, could sidestep the…
Read More »
December 11, 2024

New Malware Technique Could Exploit Windows UI Framework to Evade EDR Tools

A newly devised technique leverages a Windows accessibility framework called UI Automation (UIA) to perform a wide range of malicious…
Read More »
December 5, 2024

Critical Mitel MiCollab Flaw Exposes Systems to Unauthorized File and Admin Access

Cybersecurity researchers have released a proof-of-concept (PoC) exploit that strings together a now-patched critical security flaw impacting Mitel MiCollab with…
Read More »
December 5, 2024

Hackers Target Uyghurs and Tibetans with MOONSHINE Exploit and DarkNimbus Backdoor

A previously undocumented threat activity cluster dubbed Earth Minotaur is leveraging the MOONSHINE exploit kit and an unreported Android-cum-Windows backdoor…
Read More »
November 28, 2024

Cybercriminals Exploit Popular Game Engine Godot to Distribute Cross-Platform Malware

A popular open-source game engine called Godot Engine is being misused as part of a new GodLoader malware campaign, infecting…
Read More »

Previous page Next page