HeadlinesAndroxgh0st Botnet Targets IoT Devices, Exploiting 27 VulnerabilitiesAndroxgh0st Botnet Targets IoT Devices, Exploiting 27 Vulnerabilities4 days agoHackReadCisco Urges Immediate Patch for Decade-Old WebVPN Vulnerability18 days agoHackReadDecade-Old Cisco Vulnerability Under Active Exploit19 days agoDARKReadingCisco Warns of Exploitation of Decade-Old ASA WebVPN Vulnerability19 days agoThe Hacker NewsPHP-CGI Argument Injection Remote Code Execution1 month agoPacket StormPHP-CGI Argument Injection Susceptibility Scanner1 month agoPacket StormAndroxGh0st Malware Integrates Mozi Botnet to Target IoT and Cloud Services1 month agoThe Hacker NewsAndroxgh0st Botnet Integrates Mozi, Expands Attacks on IoT Vulnerabilities1 month agoHackReadHackers Exploit PHP Vulnerability to Deploy Stealthy Msupedge Backdoor4 months agoThe Hacker NewsGentoo Linux Security Advisory 202408-324 months agoPacket StormPHP Vulnerability Exploited to Spread Malware and Launch DDoS Attacks5 months agoThe Hacker NewsPHP CGI Argument Injection Remote Code Execution6 months agoPacket StormPHP Remote Code Execution6 months agoPacket StormTellYouThePass Ransomware Group Exploits Critical PHP Flaw6 months agoDARKReadingCVE-2021-41277: GeoJSON URL validation fix (#17990) · metabase/metabase@042a36e3 years agoCVECVE-2021-41277: GeoJSON URL validation fix (#17990) · metabase/metabase@042a36e3 years agoCVECVE-2021-26086: [JRASERVER-72695] Limited Remote File Read/Include in Jira Software Server - CVE-2021-26086 - Create and track feature requests for Atlassian products.3 years agoCVECVE-2021-260863 years agoCVECVE-2021-260863 years agoCVEHackers Use Fake PoCs on GitHub to Steal WordPress Credentials, AWS KeysHackers Use Fake PoCs on GitHub to Steal WordPress Credentials, AWS Keys5 days agoHackReadUbuntu Security Notice USN-6569-111 months agoPacket StormBeware: Fake Exploit for WinRAR Vulnerability on GitHub Infects Users with VenomRAT1 year agoThe Hacker NewsFake PoC Script Used to Trick Researchers into Downloading VenomRAT1 year agoHackReadGentoo Linux Security Advisory 202309-041 year agoPacket StormAugust 2023: GitHub PoCs, Vulristics, Qualys First-Party, Tenable ExposureAI, SC Awards and Rapid7, Anglo-Saxon list, MS Patch Tuesday, WinRAR, Juniper1 year agoAlexander V. LeonovWinRAR Security Flaw Exploited in Zero-Day Attacks to Target Traders1 year agoThe Hacker NewsUpdate now! WinRAR files can be abused to run malware1 year agoMalwarebytesNew WinRAR Vulnerability Could Allow Hackers to Take Control of Your PC1 year agoThe Hacker NewsFBI Warns of HiatusRAT Malware Targeting Webcams and DVRsFBI Warns of HiatusRAT Malware Targeting Webcams and DVRs4 days agoHackReadFBI Warns of HiatusRAT Malware Targeting Webcams and DVRs4 days agoHackReadRussian Script Kiddie Assembles Massive DDoS Botnet25 days agoDARKReading‘Matrix’ Hackers Deploy Massive New IoT Botnet for DDoS Attacks26 days agoHackReadCISA Urges Federal Agencies to Patch Versa Director Vulnerability by September4 months agoThe Hacker NewsHackers Exploiting 5-year-old Unpatched Vulnerability in TBK DVR Devices1 year agoThe Hacker NewsJoint Advisory AA22-279A and Vulristics2 years agoAlexander V. LeonovChinese APT's favorite vulnerabilities revealed2 years agoMalwarebytesCybercriminals Are Selling Access to Chinese Surveillance Cameras2 years agoThreatpostThousands of Organizations Remain at Risk From Critical Zero-Click IP Camera Bug2 years agoDARKReadingThousands of Hikvision video cameras remain unpatched and vulnerable to takeover2 years agoMalwarebytesCVE-2021-36260: Command Injection Vulnerability3 years agoCVECVE-2021-36260: Command Injection Vulnerability3 years agoCVECVE-2021-36260: Security Notification - Command Injection Vulnerability in Some Hikvision products3 years agoCVECVE-2021-33044: Security Advisory - Identity authentication bypass vulnerability found in some Dahua products3 years agoCVECVE-2021-33045: Security Advisory - Identity authentication bypass vulnerability found in some Dahua products3 years agoCVEFBI Warns of HiatusRAT Malware Targeting Webcams and DVRsFBI Warns of HiatusRAT Malware Targeting Webcams and DVRs4 days agoHackReadFBI Warns of HiatusRAT Malware Targeting Webcams and DVRs4 days agoHackReadRussian Script Kiddie Assembles Massive DDoS Botnet25 days agoDARKReading‘Matrix’ Hackers Deploy Massive New IoT Botnet for DDoS Attacks26 days agoHackReadCISA Urges Federal Agencies to Patch Versa Director Vulnerability by September4 months agoThe Hacker NewsHackers Exploiting 5-year-old Unpatched Vulnerability in TBK DVR Devices1 year agoThe Hacker NewsJoint Advisory AA22-279A and Vulristics2 years agoAlexander V. LeonovChinese APT's favorite vulnerabilities revealed2 years agoMalwarebytesCybercriminals Are Selling Access to Chinese Surveillance Cameras2 years agoThreatpostThousands of Organizations Remain at Risk From Critical Zero-Click IP Camera Bug2 years agoDARKReadingThousands of Hikvision video cameras remain unpatched and vulnerable to takeover2 years agoMalwarebytesCVE-2021-36260: Command Injection Vulnerability3 years agoCVECVE-2021-36260: Command Injection Vulnerability3 years agoCVECVE-2021-36260: Security Notification - Command Injection Vulnerability in Some Hikvision products3 years agoCVECVE-2021-33044: Security Advisory - Identity authentication bypass vulnerability found in some Dahua products3 years agoCVECVE-2021-33045: Security Advisory - Identity authentication bypass vulnerability found in some Dahua products3 years agoCVEFortinet Addresses Unpatched Critical RCE VectorFortinet Addresses Unpatched Critical RCE Vector3 days agoDARKReadingFortinet Warns of Critical FortiWLM Flaw That Could Lead to Admin Access Exploits3 days agoThe Hacker NewsCVE-2023-48782: Fortiguard12 months agoCVEGHSA-g5vr-rgqm-vf78: Spring Framework Path Traversal vulnerabilityGHSA-g5vr-rgqm-vf78: Spring Framework Path Traversal vulnerability3 days agoghsaRed Hat Security Advisory 2024-10700-0319 days agoPacket StormExploring vulnerable Windows driversExploring vulnerable Windows drivers3 days agoTALOSLenovo Diagnostics Driver Memory Access1 year agoPacket StormUS Ban on TP-Link Routers More About Politics Than Exploitation RiskUS Ban on TP-Link Routers More About Politics Than Exploitation Risk2 days agoDARKReadingAndroxGh0st Malware Integrates Mozi Botnet to Target IoT and Cloud Services1 month agoThe Hacker NewsAndroxgh0st Botnet Integrates Mozi, Expands Attacks on IoT Vulnerabilities1 month agoHackReadVarious Botnets Pummel Year-Old TP-Link Flaw in IoT Attacks8 months agoDARKReadingTP-Link Archer AX21 Command Injection1 year agoPacket StormNew DDoS Botnet ‘Condi’ Targets Vulnerable TP-Link AX21 Routers1 year agoHackReadNew Condi Malware Hijacking TP-Link Wi-Fi Routers for DDoS Botnet Attacks1 year agoThe Hacker NewsOracle WebLogic Server vulnerability added to CISA list as “known to be exploited”1 year agoMalwarebytesAlert: Active Exploitation of TP-Link, Apache, and Oracle Vulnerabilities Detected1 year agoThe Hacker NewsMicrosoft Confirms PaperCut Servers Used to Deliver LockBit and Cl0p Ransomware1 year agoThe Hacker NewsOrgs Scramble to Fix Actively Exploited Bug in Apache Struts 2Orgs Scramble to Fix Actively Exploited Bug in Apache Struts 23 days agoDARKReadingPatch Alert: Critical Apache Struts Flaw Found, Exploitation Attempts Detected5 days agoThe Hacker NewsGHSA-43mq-6xmg-29vm: Apache Struts file upload logic is flawed11 days agoghsaNovember 2023 – January 2024: New Vulristics Features, 3 Months of Microsoft Patch Tuesdays and Linux Patch Wednesdays, Year 2023 in Review10 months agoAlexander V. LeonovGoogle Fixes Nearly 100 Android Security Issues11 months agoWired Recently-patched Apache Struts vulnerability used in worldwide attacks 12 months agoMalwarebytes Microsoft patches 34 vulnerabilities, including one zero-day 12 months agoMalwarebytesNew Critical RCE Vulnerability Discovered in Apache Struts 2 - Patch Now12 months agoThe Hacker NewsGHSA-2j39-qcjm-428w: Apache Struts vulnerable to path traversal12 months agoghsaCVE-2023-5016412 months agoCVEGHSA-27hp-xhwr-wr2m: Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition vulnerabilityGHSA-27hp-xhwr-wr2m: Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability2 days agoghsaGHSA-5j33-cvvr-w245: Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability5 days agoghsa1