The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to fix critical vulnerabilities in VMware products by Monday or remove the products from service.
Mult...
The Apache Log4j Log4Shell bug is one of the most critical vulnerabilities in the history of cybersecurity.
Hundreds of millions of devices use the Log4j component for various online services, amo...
The software supply chain is a critical element in the lifecycle of applications and websites. The interdependencies and components common in modern software development can increase the attack surf...
User's of F5's BIG-IP application services could be vulnerable to a critical flaw that allows an unauthenticated attacker on the BIG-IP system to run arbitrary system commands, create or delete files...
Hackers have found a way to infect Windows Event Logs with fileless malware, security researchers have found.
Kaspersky researchers on May 4 revealed “a new stash for fileless malware.” During a “...
Security researchers have uncovered a critical vulnerability that could lead to DNS spoofing attacks in two popular C standard libraries that provide functions for common DNS operations.
Nozomi Ne...
Databases contain some of the most critical data in enterprises, so vulnerabilities in them are serious issues.
Researchers at Singapore-based cybersecurity company Group-IB recently discovered tho...
Ransomware just keeps getting worse, it seems. Cybersecurity researchers last week revealed that a new ransomware gang called Onyx is simply destroying larger files rather than encrypting them.
As ...
The Microsoft 365 Defender Research Team has revealed several new Linux vulnerabilities collectively dubbed "Nimbuspwn." Like the Dirty Pipe vulnerability, they only need a local user with low capabil...
U.S. cybersecurity agencies joined their counterparts around the globe to urge organizations to address the top 15 vulnerabilities exploited in 2021.
Topping the list were the Log4Shell vulnerabili...