The term “zero-day” indicates no time between developers discovering a vulnerability and attackers exploiting it. According to the Indusface zero-day vulnerability report, over 700 0-day vulnerabilities were identified in Q ...
Cisco was reported with a critical vulnerability last week, which has been actively exploited by threat actors in the wild. The vulnerability was assigned with the CVE-2023-20198 and was given a severity rating of 10.0 (Critical) ...
SideCopy, the Pakistani-based threat actor, has been using the WinRAR vulnerability (CVE-2023-38831) to target Indian government entities for delivering multiple RATs (Remote Access Trojans) like AllaKore RAT, Ares RAT, and DRat. ...
As previously reported, SysAid disclosed a zero-day issue affecting on-premises SysAid servers. The vulnerability was found to be a path traversal vulnerability and was given CVE-2023-47426. Additionally, SysAid stated that th ...
Zimbra Collaboration is an open-source solution software suite with an email server and web client for collaboration. Over 5,000 companies and public sector users, along with hundreds of millions of end-users in more than 140 ...
Apple has released an emergency security update for patching two actively exploited zero-day vulnerabilities on iOS. The vulnerabilities were discovered earlier this month and are tracked as CVE-2023-42916, and CVE-2023-42917 aff ...
Google has released urgent upgrades to fix the Chrome zero-day high-severity vulnerability that has been widely exploited, which could lead to software crashes or arbitrary code execution. To address the actively exploited zer ...
Ivanti Connect Secure vulnerabilities were disclosed in January 2024 as a potential gateway for threat actors to penetrate corporate networks. The two vulnerabilities, CVE-2023-46805 and CVE-2024-21887 were associated with au ...
The Lazarus threat group has been exploiting a Microsoft vulnerability associated with Windows Kernel Privilege Escalation to establish a kernel-level read/write primitive. This vulnerability was previously unknown which exis ...
This year, Crowdfense is expanding its scope to encompass additional major research fields like Enterprise Software, WiFi/Baseband, and Messengers and is proposing a larger 30 million USD acquisition program. Crowdfense is the ...