Vulnerabilities & Exploits
Zero-days, CVEs, and exploit chains
166 articles
Nearly every Linux system built since 2017 vulnerable to ‘Copy Fail’ flaw
A critical flaw, CVE-2024-5219, in the Linux kernel since 2017 allows local attackers to gain root access. Admins are urged to patch immediately.
A critical flaw in 911 systems could allow attackers to disrupt emergency services
A critical 9.8 CVSS vulnerability (CVE-2024-6074) in Intrado 911 gateways allows attackers to disrupt emergency services. Learn how to patch it.
Former ransomware negotiator pleads guilty in BlackCat conspiracy, exposing a critical insider threat
A former ransomware negotiator has pleaded guilty to conspiring with the BlackCat group, using his insider knowledge to help them attack U.S. companie
Former ransomware negotiator pleads guilty to working for BlackCat cyber gang
A trusted ransomware negotiator's guilty plea for colluding with the BlackCat gang reveals a shocking insider threat, eroding trust in the cyber respo
Lotus Wiper: A deep dive into the malware targeting Venezuela's energy sector
A new wiper malware, Lotus Wiper, was found targeting Venezuela's energy sector. Our analysis covers its destructive methods and geopolitical implicat
UK regulator launches investigation into Telegram over child safety failures
The UK's communications regulator, Ofcom, has launched a formal investigation into Telegram over its failure to prevent the sharing of CSAM.
UK regulator to probe Telegram, teen chat sites for potential child safety violations
Ofcom launches its first major investigation under the new Online Safety Act, targeting Telegram over allegations of CSAM distribution, setting a majo
When code kills: Lawmakers weigh terrorism and homicide charges for hospital ransomware attacks
In the wake of devastating attacks on the healthcare sector, U.S. lawmakers are exploring unprecedented legal actions, including terrorism and homicid
ZionSiphon malware targets water infrastructure systems with sabotage capabilities
A deep dive into ZionSiphon, a new malware targeting water systems with sabotage capabilities, and how utilities can defend against this critical thre
NIST scales back vulnerability data enrichment after 263% surge in submissions
NIST is limiting detailed analysis in its National Vulnerability Database (NVD) due to a massive increase in submissions, impacting security teams.
Three Microsoft Defender zero-days actively exploited; two still unpatched
Security firm Huntress warns of active exploitation of three Microsoft Defender zero-days, codenamed BlueHammer, RedSun, and UnDefend. Two remain unpa
London healthcare faces months of disruption after ransomware attack on key supplier
A major ransomware attack on pathology provider Synnovis has caused severe, ongoing disruption to London hospitals, highlighting critical supply chain
Most 'AI SOCs' are just faster triage, and that's not enough
Many AI security tools only speed up alert analysis, failing to reduce analyst workload. Experts argue real gains require AI that automates response a
ZionSiphon malware designed to sabotage water treatment systems
A new proof-of-concept malware, ZionSiphon, demonstrates how attackers can sabotage water treatment plants by manipulating industrial control systems.
ThreatsDay bulletin: A deep dive into the Defender 0-day, SonicWall attacks, and a 17-year-old Excel flaw
This week’s threat bulletin is a heavy one. We analyze the critical Microsoft Defender 0-day, a massive SonicWall brute-force campaign, and a 17-year-
Microsoft Defender's 'RedSun' zero-day: A researcher's protest and a threat to Windows systems
A researcher's protest exposed a critical zero-day in Microsoft Defender, allowing attackers full system control. Here's the technical breakdown and h
CISA cancels summer internships for cyber scholarship students amid DHS funding lapse
CISA has canceled its summer internships for CyberCorps® scholarship students, citing a DHS funding lapse and adding to a program already strained by
SAP patches critical vulnerability that could allow complete system takeover
SAP's May security update fixes a critical 9.6 CVSS vulnerability (CVE-2024-27296) that allows unauthenticated attackers to take full control of syste
Adobe patches critical zero-day that was exploited for months
Adobe has patched a critical zero-day (CVE-2024-34097) in Acrobat and Reader that was actively exploited via malicious PDFs for at least four months.
OpenAI rotates security certificates after supply chain attack hits development pipeline
A malicious package impersonating 'axios' was executed in a GitHub Actions workflow, forcing OpenAI to rotate potentially exposed macOS code-signing k
OpenAI issues Mac app update after developer tool hit by supply chain attack
OpenAI released a precautionary update for its macOS app after a developer tool used in its creation pulled a malicious version of a code library.
Docker flaw lets attackers bypass authorization to gain host access
A high-severity flaw in Docker Engine, CVE-2026-34040, allows attackers to bypass security plugins and gain full access to host systems.
AI-assisted campaign floods GitHub with over 300 malicious repositories
Researchers uncovered 'RepoStorm,' a campaign using AI to create hundreds of fake GitHub repositories that distribute info-stealing malware to develop
North Korean hackers spread over 1,700 malicious packages across major code registries
A North Korea-linked campaign has published over 1,700 malicious packages in multiple code registries, targeting developers using a wide array of lang