Internet Security

Github rotated credentials after the discovery of a vulnerability

January 17, 2024 add comment
GitHub rotated some credentials after the discovery of a flaw that allowed access to the environment variables of a production container. After GitHub became aware of a vulnerability through... Read more »

FBI, CISA warn of AndroxGh0st botnet for victim identification and exploitation

January 17, 2024 add comment
U.S. CISA and the FBI warned of AndroxGh0st malware used to create a botnet for victim identification and exploitation in target networks. US CISA and the Federal Bureau of Investigation (FBI)... Read more »

Citrix warns admins to immediately patch NetScaler for actively exploited zero-days

January 17, 2024 add comment
Citrix fixed two actively exploited zero-day vulnerabilities impacting Netscaler ADC and Gateway appliances. Citrix warns customers to install security updates to address two actively exploited zero-day vulnerabilities, tracked as... Read more »

Atlassian fixed critical RCE in older Confluence versions

January 16, 2024 add comment
Atlassian warns of a critical remote code execution issue in Confluence Data Center and Confluence Server that impacts older versions. Atlassian warns of a critical remote code execution vulnerability,... Read more »

Google fixed the first actively exploited Chrome zero-day of 2024

January 16, 2024 add comment
Google has addressed the first Chrome zero-day vulnerability of the year that is actively being exploited in the wild. Google has released security updates to address the first Chrome... Read more »

VMware fixed a critical flaw in Aria Automation. Patch it now!

January 16, 2024 add comment
VMware warns customers of a critical vulnerability impacting its Aria Automation multi-cloud infrastructure automation platform. VMware Aria Automation (formerly vRealize Automation) is a modern cloud automation platform that simplifies... Read more »

Experts warn of mass exploitation of Ivanti Connect Secure VPN flaws

January 16, 2024 add comment
Experts warn that recently disclosed Ivanti Connect Secure VPN and Policy Secure vulnerabilities are massively exploited in the wild. Last week, software firm Ivanti reported that threat actors are... Read more »

Experts warn of a vulnerability affecting Bosch BCC100 Thermostat

January 16, 2024 add comment
Researchers warn of high-severity vulnerability affecting Bosch BCC100 thermostats. Researchers from Bitdefender discovered a high-severity vulnerability affecting Bosch BCC100 thermostats. The researchers discovered a vulnerability, tracked as CVE-2023-49722 (CVSS... Read more »

Over 178,000 SonicWall next-generation firewalls (NGFW) online exposed to hack

January 15, 2024 add comment
Researchers from Bishop Fox found over 178,000 SonicWall next-generation firewalls (NGFW) publicly exploitable. SonicWall next-generation firewall (NGFW) series 6 and 7 devices are affected by two unauthenticated denial-of-service vulnerabilities,... Read more »

Phemedrone info stealer campaign exploits Windows smartScreen bypass

January 15, 2024 add comment
Threat actors exploit a recent Windows SmartScreen bypass flaw CVE-2023-36025 to deliver the Phemedrone info stealer. Trend Micro researchers uncovered a malware campaign exploiting the vulnerability CVE-2023-36025 (CVSS score 8.8) to... Read more »
Subscribe to our Newsletter