Internet Security

Broadcom fixed information disclosure flaws in VMware Aria Operations

January 31, 2025 add comment
Broadcom patched five flaws in VMware Aria Operations and Aria Operations for Logs that could lead to privilege escalation and credential theft. Broadcom addressed the following vulnerabilities in VMware... Read more »

DeepSeek database exposed highly sensitive information

January 30, 2025 add comment
Chinese AI platform DeepSeek has publicly exposed two databases containing highly sensitive user and backend details. Wiz Research discovered a publicly accessible ClickHouse database belonging to DeepSeek, exposing chat... Read more »

TeamViewer fixed a vulnerability in Windows client and host applications

January 30, 2025 add comment
TeamViewer has patched a high-severity privilege escalation vulnerability affecting its Windows client and host applications. TeamViewer released security patches for a high-severity elevation of privilege vulnerability, tracked as CVE-2025-0065... Read more »

Operation Talent: An international law enforcement operation seized Cracked, Nulled and other cybercrime websites

January 30, 2025 add comment
An international law enforcement operation targeted several major cybercrime websites, including Cracked, Nulled, Sellix, and StarkRDP.  An international law enforcement operation led by Europol, code-named Operation Talent, dismantled several... Read more »

PHP package Voyager flaws expose to one-click RCE exploits

January 30, 2025 add comment
The open-source PHP package Voyager is affected by three vulnerabilities that could be exploited to achieve one-click remote code execution on affected instances. Voyager is a popular open-source PHP package for... Read more »

Italy’s Data Protection Authority Garante requested information from Deepseek

January 30, 2025 add comment
Italy’s data privacy regulator Garante has requested information from Chinese AI company DeepSeek regarding its data practices. Italy’s Data Protection Authority Garante has asked the AI firm DeepSeek to... Read more »

U.S. CISA adds Apple products’ flaw to its Known Exploited Vulnerabilities catalog

January 29, 2025 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple products’ flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple Multiple Products Use-After-Free... Read more »

Aquabot variant v3 targets Mitel SIP phones

January 29, 2025 add comment
A new variant of the Mirai-based botnet Aquabot targets vulnerable Mitel SIP phones to recruit them into a DDoS botnet. Akamai researchers spotted a new variant of the Mirai-based... Read more »

Critical remote code execution bug found in Cacti framework

January 29, 2025 add comment
A critical flaw in Cacti open-source network monitoring and fault management framework that could allow remote code execution. Cacti is an open-source platform that provides a robust and extensible operational... Read more »

Attackers actively exploit a critical zero-day in Zyxel CPE Series devices

January 29, 2025 add comment
Experts warn that threat actors are actively exploiting critical zero-day vulnerability, tracked as CVE-2024-40891, in Zyxel CPE Series devices. GreyNoise researchers are observing active exploitation attempts targeting a zero-day, tracked as... Read more »
Subscribe to our Newsletter