News

CISA Adds Microsoft and Zimbra Flaws to KEV Catalog Amid Active Exploitation

February 26, 2025

Sophos Issues Hotfixes for Critical Firewall Flaws: Update to Prevent Exploitation

December 20, 2024

Dec 20, 2024Ravie LakshmananFirewall Security / Vulnerability Sophos has released hotfixes to address three security flaws in Sophos Firewall products that could be exploited...

Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack

December 20, 2024

Dec 20, 2024Ravie LakshmananMalware / Supply Chain Attack The developers of Rspack have revealed that two of their npm packages, @rspack/core and @rspack/cli, were...

Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools

December 20, 2024

Dec 20, 2024Ravie LakshmananVulnerability / Cyber Attack A now-patched critical security flaw impacting Fortinet FortiClient EMS is being exploited by malicious actors as part...

CISA Adds Critical Flaw in BeyondTrust Software to Exploited Vulnerabilities List

December 20, 2024

Dec 20, 2024Ravie LakshmananCISA / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting BeyondTrust Privileged...

NIST Introduces a Meta-Framework to Strengthen Supply Chain Traceability in Critical Infrastructure Sectors

December 19, 2024

NIST Researchers Hold an Automated Vehicle Research Day

December 19, 2024

NIST Announces 14 Candidates to Advance to the Second Round of the Additional Digital Signatures for the Post-Quantum Cryptography Standardization Process

December 19, 2024

macOS Security Compliance Project Developer Conference

December 19, 2024

Thousands Download Malicious npm Libraries Impersonating Legitimate Tools

December 19, 2024

Dec 19, 2024Ravie LakshmananSupply Chain / Software Security Threat actors have been observed uploading malicious typosquats of legitimate npm packages such as typescript-eslint and...

1...343536...225 Page 35 of 225