Exploits and vulnerabilities

CronRAT targets Linux servers with e-commerce attacks - We look at a stealthy RAT attack focusing on e-commerce Linux servers called CronRAT which does some inventive things with dates.
Windows Installer vulnerability becomes actively exploited zero-day - A variant of an already patched vulnerability was disclosed by a researcher frustrated by Microsoft's rewards.
Patch now! FatPipe VPN zero-day actively exploited - The FBI has revealed that APT actors have been abusing a zero-day in FatPipe's MPVPN, WARP, and IPVPN products since May.
Update now! Netgear vulnerability patched - Netgear has patched a vulnerability that allowed network adjacent attackers to remotely run code as root on the affected device.
[updated] Patch now! Microsoft plugs actively exploited zero-days and other updates - Another Patch Tuesday has come around, and while it may seem as a calm one for a change, there is enough to patch and update.
Update now! Mozilla fixes security vulnerabilities in Firefox 94 - Mozilla has issued patches for several vulnerabilities in the Firefox browser. We discuss some of the high impact issues.
Trojan Source: Hiding malicious code in plain sight - Researchers have revealed a cunning new class of attacks that allow threat actors to use to camouflage malicious code using homoglyphs and bidi control characters.
Google patches zero-day vulnerability, and others, in Android - Google has patched 39 vulnerabilities, some of which are rated as critical and one that may be under limited, targeted exploitation.
Update your OptinMonster WordPress plugin immediately - We look at a recent WordPress plugin compromise, explain what it is, and also what you have to do to ensure your blog and visitors are safe.

Select your language