HeadlinesFind the helpersFind the helpers5 days agoTALOSCISA: Second BeyondTrust Vulnerability Added to KEV Catalog6 days agoDARKReadingCISA Adds Second BeyondTrust Flaw to KEV Catalog Amid Active Attacks7 days agoThe Hacker NewsUS Treasury Department Admits It Got Hacked by China21 days agoWiredBelsen Group Leaks 15,000+ FortiGate Firewall ConfigurationsBelsen Group Leaks 15,000+ FortiGate Firewall Configurations1 day agoHackRead15K Fortinet Device Configs Leaked to the Dark Web4 days agoDARKReadingEarth Lusca's New SprySOCKS Linux Backdoor Targets Government Entities1 year agoThe Hacker NewsResearchers Develop Exploit Code for Critical Fortinet VPN Bug1 year agoDARKReadingFortinet: Patched Critical Flaw May Have Been Exploited1 year agoDARKReadingFortinet 7.2.1 Authentication Bypass1 year agoPacket StormFortinet Warns of Active Exploitation of New SSL-VPN Pre-auth RCE Vulnerability2 years agoThe Hacker NewsCyberattackers Selling Access to Networks Compromised via Recent Fortinet Flaw2 years agoDARKReadingCritical Flaw Exploited to Bypass Fortinet Products and Compromise Orgs2 years agoHackReadCritical authentication bug in Fortinet products actively exploited in the wild2 years agoPortSwiggerJanuary Linux Patch WednesdayJanuary Linux Patch Wednesday2 days agoAlexander V. LeonovCVE-2025-0291: Chromium: CVE-2025-0291 Type Confusion in V87 days agoMicrosoft Security Response CenterApache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks28 days agoThe Hacker NewsGHSA-27hp-xhwr-wr2m: Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability1 month agoghsaGHSA-5m7j-6gc4-ff5g: Mattermost fails to properly validate post propsGHSA-5m7j-6gc4-ff5g: Mattermost fails to properly validate post props6 days agoghsaGHSA-45v9-w9fh-33j6: Mattermost fails to properly validate post props6 days agoghsaGHSA-45v9-w9fh-33j6: Mattermost fails to properly validate post propsGHSA-45v9-w9fh-33j6: Mattermost fails to properly validate post props6 days agoghsaGHSA-5m7j-6gc4-ff5g: Mattermost fails to properly validate post props6 days agoghsaGHSA-2c6g-pfx3-w7h8: Insecure Temporary File in RESTEasyGHSA-2c6g-pfx3-w7h8: Insecure Temporary File in RESTEasy6 days agoghsaRed Hat Security Advisory 2024-1353-0310 months agoPacket StormRed Hat Security Advisory 2023-5165-011 year agoPacket StormRHSA-2023:5165: Red Hat Security Advisory: Red Hat AMQ Streams 2.5.0 release and security update1 year agoRed Hat Security DataRHSA-2023:4983: Red Hat Security Advisory: Red Hat Process Automation Manager 7.13.4 security update1 year agoRed Hat Security DataCVE-2023-28955: Security Bulletin: Multiple security vulnerabilities affecting Watson Knowledge Catalog for IBM Cloud Pak for Data1 year agoCVECVE-2023-29741 year agoCVERHSA-2023:3809: Red Hat Security Advisory: Red Hat build of Quarkus 2.13.8 release and security update1 year agoRed Hat Security DataRHSA-2023:3185: Red Hat Security Advisory: Red Hat AMQ Broker 7.10.3 release and security update1 year agoRed Hat Security DataRed Hat Security Advisory 2023-2710-011 year agoPacket StormBelsen Group Leaks 15,000+ FortiGate Firewall ConfigurationsBelsen Group Leaks 15,000+ FortiGate Firewall Configurations1 day agoHackRead15K Fortinet Device Configs Leaked to the Dark Web4 days agoDARKReadingInside the ransomware playbook: Analyzing attack chains and mapping common TTPs6 months agoTALOSDouble-Extortion Play Ransomware Strikes 300 Organizations Worldwide1 year agoThe Hacker NewsCISA Urges Manufacturers Eliminate Default Passwords to Thwart Cyber Threats1 year agoThe Hacker NewsMicrosoft patches 12 critical vulnerabilities, nine of which are in Layer 2 Tunneling Protocol1 year agoTALOSEarth Lusca's New SprySOCKS Linux Backdoor Targets Government Entities1 year agoThe Hacker News2022's most routinely exploited vulnerabilities—history repeats1 year agoMalwarebytesMajor Cybersecurity Agencies Collaborate to Unveil 2022's Most Exploited Vulnerabilities1 year agoThe Hacker NewsResearchers Develop Exploit Code for Critical Fortinet VPN Bug1 year agoDARKReadingFortinet: Patched Critical Flaw May Have Been Exploited1 year agoDARKReadingFortinet 7.2.1 Authentication Bypass1 year agoPacket StormFortinet Warns of Active Exploitation of New SSL-VPN Pre-auth RCE Vulnerability2 years agoThe Hacker NewsCyberattackers Selling Access to Networks Compromised via Recent Fortinet Flaw2 years agoDARKReadingCritical Flaw Exploited to Bypass Fortinet Products and Compromise Orgs2 years agoHackReadEverything You Need to Know About LockBit2 years agoDARKReadingCritical authentication bug in Fortinet products actively exploited in the wild2 years agoPortSwiggerConcerns Over Fortinet Flaw Mount; PoC Released, Exploit Activity Grows2 years agoDARKReadingFind the helpersFind the helpers5 days agoTALOSCISA: Second BeyondTrust Vulnerability Added to KEV Catalog6 days agoDARKReadingCISA Adds Second BeyondTrust Flaw to KEV Catalog Amid Active Attacks7 days agoThe Hacker NewsUS Treasury Department Admits It Got Hacked by China21 days agoWiredNew UEFI Secure Boot Vulnerability Could Allow Attackers to Load Malicious BootkitsNew UEFI Secure Boot Vulnerability Could Allow Attackers to Load Malicious Bootkits5 days agoThe Hacker NewsTrusted Apps Sneak a Bug Into the UEFI Boot Process5 days agoDARKReading3 Actively Exploited Zero-Day Flaws Patched in Microsoft's Latest Security Update6 days agoThe Hacker NewsCVE-2024-7344: Cert CC: CVE-2024-7344 Howyar Taiwan Secure Boot Bypass7 days agoMicrosoft Security Response CenterGHSA-jhvj-f397-8w6q: HAL Console has a Cross Site Scripting (XSS) vulnerability of user inputGHSA-jhvj-f397-8w6q: HAL Console has a Cross Site Scripting (XSS) vulnerability of user input5 days agoghsaGHSA-5wjw-h8x5-v65m: Wildfly HAL Console Cross-Site Scripting7 days agoghsaNew Mirai Variant Murdoc_Botnet Launches DDoS Attacks via IoT ExploitsNew Mirai Variant Murdoc_Botnet Launches DDoS Attacks via IoT Exploits6 hours agoHackReadRussian Script Kiddie Assembles Massive DDoS Botnet1 month agoDARKReading‘Matrix’ Hackers Deploy Massive New IoT Botnet for DDoS Attacks1 month agoHackReadUnpatched AVTECH IP Camera Flaw Exploited by Hackers for Botnet Attacks4 months agoThe Hacker NewsAVTECH IP Camera5 months agous-certThreat Actors Using Go-based HinataBot to launch DDoS Attacks1 year agoHackReadNew GoLang-Based HinataBot Exploiting Router and Server Flaws for DDoS Attacks1 year agoThe Hacker NewsNew DDoS Malware ‘Chaos’ Hits Linux and Windows Devices2 years agoHackReadChaos Malware Resurfaces With All-New DDoS & Cryptomining Modules2 years agoDARKReadingResearchers Warn of New Go-based Malware Targeting Windows and Linux Systems2 years agoThe Hacker NewsThe Elevation of Privilege – Windows Common Log File System Driver (CVE-2024-49138) has become more criticalThe Elevation of Privilege – Windows Common Log File System Driver (CVE-2024-49138) has become more critical5 days agoAlexander V. LeonovWhat has become known about the Elevation of Privilege – Windows Common Log File System Driver (CVE-2024-49138) vulnerability from the December Microsoft Patch Tuesday a month later?6 days agoAlexander V. LeonovPatch Tuesday, December 2024 Edition1 month agoKrebs on SecurityDecember Microsoft Patch Tuesday1 month agoAlexander V. LeonovActively Exploited Zero-Day, Critical RCEs Lead Microsoft Patch Tuesday1 month agoDARKReadingMicrosoft Patch Tuesday for December 2024 contains four critical vulnerabilities1 month agoTALOSCVE-2024-49138: Windows Common Log File System Driver Elevation of Privilege Vulnerability1 month agoMicrosoft Security Response Center12