Threat intelligence company GreyNoise warns that a critical PHP remote code execution vulnerability that impacts Windows ...

Three of the four critical path traversal flaws fixed in January in Ivanti Endpoint Manager are being exploited in ...

A devastating new remote code execution (RCE) vulnerability, CVE-2025-24813, is now actively exploited in the wild. Attackers need just one PUT API request to take over vulnerable Apache Tomcat ...

Ballista botnet exploits TP-Link router flaw CVE-2023-1389, infecting 6,000+ devices worldwide and evolving to use TOR.

A new botnet campaign is exploiting a high-severity security flaw in unpatched TP-Link routers and has already spread to more ...

Threat actors are exploiting a zero-day bug in Paragon Partition Manager's BioNTdrv.sys driver during ransomware attacks ...

Yesterday, user @NSA_Employee39 allegedly posted a zero-day exploit for the popular open-source file decompression utility 7-Zip on Twitter, only to have 7-Zip author Igor Pavlov swiftly dismiss ...

We’re primarily hardware hackers, but every once in a while we see a software hack that really tickles our fancy. One such hack is Stegosploit, by [Saumil Shah]. Stegosploit isn’t really an ...

In 2024, cyber-criminals have launched attacks within 48 hours of discovering a vulnerability, with 61% of hackers using new exploit code in this short timeframe. Companies faced an average of 68 days ...

Losses to crypto scams, exploits and hacks totaled nearly $1.53 billion in February, with the $1.4 billion Bybit hack ...

Researchers have uncovered a sustained and ongoing campaign by Russian spies that uses a clever phishing technique to hijack ...

Exploit code already exists for one of them. Palo Alto currently uses the consistently lower "temporal score" for the risk assessment; other providers usually use the acute CVSS value. This shows ...