vulnerability

Security experts are warning that a pair of high-risk flaws in a popular remote access tool are being exploited by hackers to deploy LockBit ransomware — days after authorities announced…

A bug in the online forum for the fertility tracking app Glow exposed the personal data of around 25 million users, according to a security researcher. The bug exposed users’…

Hackers have begun mass exploiting a third vulnerability affecting Ivanti’s widely used enterprise VPN appliance, new public data shows. Last week, Ivanti said it had discovered two new security flaws…

A day after reporters published their first hands-on review of Apple’s Vision Pro, the technology giant released its first security patch for the mixed reality headset to fix a vulnerability…

Australian software giant Atlassian has warned of a critical security flaw that could lead to “significant data loss” for customers, just weeks after state-backed hackers targeted its products. In an…

Cybercriminals are exploiting a zero-day vulnerability in WinRAR, the venerable shareware archiving tool for Windows, to target traders and steal funds. Cybersecurity company Group-IB discovered the vulnerability, which affects the…

U.S. software giant Ivanti has scrambled to patch another zero-day vulnerability under active attack. The vulnerability, tracked as CVE-2023-38035 with a vulnerability severity rating of 9.8 out of 10, affects…

Hackers are exploiting a newly discovered vulnerability in yet another enterprise file transfer software, the U.S. government’s cybersecurity agency has warned. CISA on Wednesday added a vulnerability in Citrix ShareFile,…

Hackers exploited a zero-day flaw in Ivanti’s mobile endpoint management software to compromise a dozen Norwegian government agencies — and thousands of other organizations could also be at risk. The…

U.S. power and electronics giant Eaton has fixed a security vulnerability that allowed a security researcher to remotely access thousands of smart security alarm systems. Security researcher Vangelis Stykas said…

Barracuda Networks has told customers they must replace vulnerable email gateway appliances following the disclosure of a critical security flaw. The technology company, which provides security, networking and storage products,…

Security researchers are sounding the alarm after hackers were caught exploiting a newly discovered vulnerability in a popular file transfer tool used by thousands of organizations to launch a new…

The U.S. government has sounded the alarm about a critical software vulnerability found in genomics giant Illumina’s DNA sequencing devices, which hackers can exploit to modify or steal patients’ sensitive…

Print management software maker PaperCut says attackers are exploiting a critical-rated security vulnerability to gain access to unpatched servers on customer networks. PaperCut offers two print management products, PaperCut NG…

Microsoft has patched a zero-day vulnerability affecting all supported versions of Windows, which researchers say hackers exploited to launch ransomware attacks. Microsoft said in a security alert on Tuesday that…

Hatch Bank, a digital-first bank that provides infrastructure for fintech companies offering their own brand credit cards, confirmed hackers exploited a zero-day vulnerability in the company’s internal file transfer software…

Security researchers say they have uncovered a “new class” of vulnerabilities that could allow attackers to bypass Apple’s security protections in iOS and macOS to access users’ sensitive data. Trellix’s…

Apple on Monday released a new version of the iPhone and iPad’s operating systems to fix a vulnerability that hackers were exploiting in the wild, meaning they were taking advantage…

Microsoft says a vulnerability it discovered in a core macOS security feature, Gatekeeper, could have allowed attackers to compromise vulnerable Macs with malware. The flaw, tracked as CVE-2022-42821, was first…

The vulnerability in the door entry security system, used in government buildings and apartment complexes, cannot be fixed.

A security vulnerability in Abode’s all-in-one home security system could allow malicious actors to remotely switch off customers’ security cameras. Abode’s Iota All-In-One Security Kit is a DIY home security…

WhatsApp has published details of a “critical”-rated security vulnerability affecting its Android app that could allow attackers to remotely plant malware on a victim’s smartphone during a video call. Details…

Microsoft has released security fixes for a zero-day vulnerability affecting all supported versions of Windows that has been exploited in real-world attacks. The zero-day bug, tracked as CVE-2022-37969, is described…

Apple has released another round of security updates to address vulnerabilities in iOS and macOS, including a new zero-day flaw that is being actively exploited by attackers. The zero-day flaw, tracked…

Twitter says it has fixed a security vulnerability that allowed threat actors to compile information of 5.4 million Twitter accounts, which were listed for sale on a known cybercrime forum.…

Security vulnerabilities in a popular Chinese-built GPS vehicle tracker can be easily exploited to track and remotely cut the engines of at least a million vehicles around the world, according…

RapidFort, a startup that helps developers reduce the potential attack surface of their applications by automatically removing unused software components from their containers, today announced that it has raised an…