vulnerabilities Archives

Microsoft Romania headquarters in City Gate Towers situated in Free Press Square, in Bucharest, Romania. (Getty Images)

Microsoft fixes 159 vulnerabilities in first Patch Tuesday of 2025

In its latest security update, Microsoft has addressed a total of 159 vulnerabilities, covering a broad spectrum of the tech giant’s products, including .NET, Visual Studio, Microsoft…

3 days ago By Greg Otto

CISA report touts cyber hygiene enrollment surge for critical infrastructure orgs

The cyber agency said that surge has fueled “a moderate impact” in CI sectors meeting its cybersecurity performance goals.

Jan 10, 2025 By Matt Bracken

New zero-day exploit targets Ivanti VPN product

After Ivanti detected the activity, Mandiant says it found malware in impacted devices associated with a Chinese-linked threat group.

Jan 9, 2025 By Matt Bracken

Android patches several vulnerabilities in first security update of 2025

The bulletin identifies five critical remote code execution (RCE) vulnerabilities affecting the core components of Android’s system.

Jan 7, 2025 By Greg Otto

Industrial networking manufacturer Moxa reports ‘critical’ router bugs

Moxa says the flaws can be used to bypass user authentication, escalate privileges and gain root access to devices.

Jan 6, 2025 By Derek B. Johnson

On Dec. 27, VulnCheck detailed the vulnerability, tracked as CVE-2024-12856, wherein an attacker can leverage default credentials in Four-Faith F3x24 and F3x36 routers to remotely inject commands into the operating system. (Getty Images)

Thousands of industrial routers vulnerable to command injection flaw

The vulnerability, found in versions of Four-Faith routers, appears to have been exploited in the wild and has been connected to attempted infections of Mirai.

Dec 30, 2024 By Derek B. Johnson

Clop is back to wreak havoc via vulnerable file-transfer software

In what we can assure you is a new cybersecurity incident despite sounding incredibly similar to incidents of past notoriety: threat actors tied to a notorious ransomware…

Dec 17, 2024 By Greg Otto

Palo Alto Networks headquarters in Silicon Valley; Palo Alto Networks, Inc. is an American multinational cyber security company. (Getty Images)

More bugs in Palo Alto Expedition see active exploitation, CISA warns

Hackers have been actively targeting the firewall management software through multiple vulnerabilities.

Nov 15, 2024 By Christian Vasquez

PARIS, FRANCE – JUNE 04: In this photo illustration the GitHub logo is seen on the screen of an iPhone in front of a computer screen showing a Microsoft logo on June 04, 2018 in Paris, France. (Photo Illustration by Chesnot/Getty Images)

GitHub patches critical vulnerability in its Enterprise Servers

The “severe” flaw could allow attackers full access to instances.

Oct 16, 2024 By Christian Vasquez

National Cyber Director Harry Coker speaks at Recorded Future’s Predict 2024 conference. (Photo Courtesy of Recorded Future)

White House is prioritizing secure internet routing, using memory safe languages

National Cyber Director Harry Coker says the Biden administration is focusing on securing foundational technologies.

Oct 9, 2024 By Christian Vasquez