CSO Online1d
Ivanti EPM vulnerabilities actively exploited in the wild, CISA warns
Three of the four critical path traversal flaws fixed in January in Ivanti Endpoint Manager are being exploited in ...
Critical PHP RCE vulnerability mass exploited in new attacks
Threat intelligence company GreyNoise warns that a critical PHP remote code execution vulnerability that impacts Windows ...
The Hacker News2d
Ballista Botnet Exploits Unpatched TP-Link Vulnerability, Infects Over 6,000 Devices
Ballista botnet exploits TP-Link router flaw CVE-2023-1389, infecting 6,000+ devices worldwide and evolving to use TOR.
The on-sale bar and commercial exploitation by patentees
Eric J. Fues and Kyle W. Howarth of Finnegan discuss decisions exploring the multi-pronged analysis in patent law for ...
Thousands of TP-Link routers have been infected by a botnet to spread malware
A new botnet campaign is exploiting a high-severity security flaw in unpatched TP-Link routers and has already spread to more ...
The Hacker News10d
Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks
Paragon Software patches CVE-2025-0289, a zero-day flaw in BioNTdrv.sys, exploited for privilege escalation and ransomware ...
Hackaday6d
This Week In Security: Zen Jailbreak, Telegram Exploit, And VMware Hyperjack
The fine researchers at Google have released the juicy details on EntrySign, the AMD Zen microcode issue we first covered ...
Infosecurity Magazine10d
BYOVD Attacks Exploit Zero-Day in Paragon Partition Manager
Threat actors are exploiting a zero-day bug in Paragon Partition Manager's BioNTdrv.sys driver during ransomware attacks ...
'You can now jailbreak your AMD CPU' — Google researchers release kit to exploit microcode vulnerability in Ryzen Zen 1 to Zen 4 chips
A team of Google researchers has discovered an exploit allowing users to write and insert their own microcode on AMD chips ...
Microsoft Fixes Six Actively-Exploited 0-Day Flaws In Patch Tuesday Rollout, Update ASAP
Microsoft released patches for 57 security flaws, six of which are already being exploited, while cybersecurity experts ...
What is device code phishing, and why are Russian spies so successful at it?
Researchers have uncovered a sustained and ongoing campaign by Russian spies that uses a clever phishing technique to hijack ...
Bleeping Computer27d
SonicWall firewall bug leveraged in attacks after PoC exploit release
Attackers are now targeting an authentication bypass vulnerability affecting SonicWall firewalls shortly after the release of proof-of-concept (PoC) exploit code. This security flaw (CVE-2024 ...