Exploits and vulnerabilities

Zoom zero-day discovery makes calls safer, hackers $200,000 richer

April 8, 2021 - White hat hackers have demonstrated a Remote Code Execution attack against Zoom at the Pwn2Own event.

Read more

SAP warns of malicious activity targeting unpatched systems

April 7, 2021 - A jointly-released report from Onapsis and SAP has warned that cybercriminals are taking advantage of a failure to patch.

Read more

The npm netmask vulnerability explained so you can actually understand it

March 31, 2021 - A vulnerability in the popular npm netmask library has caused a lot of discussion and confusion. Let's try to make it simple.

Read more

ProxyLogon PoCs trigger a game of whack-a-mole

March 16, 2021 - Microsoft and others are trying to keep working ProxyLogon PoCs out of the hands of cybercriminals and script-kiddies.

Read more

Update now! Chrome fix patches in-the-wild zero-day

March 4, 2021 - Google has released a patch for yet another vulnerability in Chrome's audio component after it was exploited in the wild.

Read more

Patch now! Exchange servers attacked by Hafnium zero-days

March 3, 2021 - Microsoft has released updates to deal with 4 zero-day vulnerabilities being used in an attack chain aimed at users of Exchange Server.

Read more

Update now! Chrome patches zero-day that was exploited in the wild

February 5, 2021 - The successfully exploited vulnerability is suspected of being used in targeted attacks against security researchers.

Read more

RDP abused for DDoS attacks

January 29, 2021 - RDP is being abused to amplify DDoS attacks. Don't let your RDP ports become part of the problem.

Read more

DNSpooq bugs haunt dnsmasq

January 21, 2021 - If there's something strange in your DNS cache, who you gonna call?

Read more