Risks of OOB Access via IP KVM Devices
Recently, a new “breed” of IP-based KVM devices has been released. In the past, IP-based KVM devices required dedicated “server-grade” hardware using IPMI. They often cost several $100 per server a...
Recently, a new “breed” of IP-based KVM devices has been released. In the past, IP-based KVM devices required dedicated “server-grade” hardware using IPMI. They often cost several $100 per server a...
A hacker using the alias 1011 has claimed to breach a NordVPN development server, posting what appears to be database dumps and configuration samples on the latest version of BreachForums. The leak...
New Zealand health minister Simeon Brown has ordered a review into the cyberattack at ManageMyHealth. Brown told reporters on Monday that he asked the government to begin reviewing the incident, in...
A leak from Knownsec, a major Chinese cybersecurity firm, exposes how the firm operated far beyond the role of a conventional defense vendor. It combined the development of cyberweapons with large-...
Join us on a deep dive into an electronic detection and response system deployed by China’s security agencies to prevent the leakage of confidential documents from government workstations. The tool...
A dangerous cybercrime feedback loop has emerged where stolen credentials from infostealer malware enable attackers to hijack legitimate business websites and turn them into malware distribution pl...
Threat actors associated with the “Scattered Lapsus$ Hunters” (SLH) claim to have breached the systems of cybersecurity firm Resecurity and stolen internal data, while Resecurity says the attackers...
NEW: CVE vendor-product description metric Referenceurl title GithubURL CVE-2025-12245 n/a - chatwoot A...
NEW: CVE vendor-product description metric Referenceurl title GithubURL CVE-2025-68920 kermitproject - C-Kerm...
NEW: CVE vendor-product description metric Referenceurl title GithubURL CVE-2021-47720 Orangescrum - orangesc...
For nearly two decades, an Iran-backed hacking group, known as Prince of Persia, has quietly operated since 2007, targeting governments, critical infrastructure, and dissidents of the Iranian regim...
With hackers already knocking at the gates, around 120,000 WatchGuard Firebox firewalls, which protect thousands of companies, remain unpatched and vulnerable to a critical flaw, according to the l...
A popular software tool used by website owners to check their server’s health is now being used by hackers to take complete control of computers. Researchers at the cybersecurity firm Ontinue have ...
BlindEagle, a South American threat group, has launched a sophisticated campaign against Colombian government agencies, demonstrating an alarming evolution in attack techniques. Remarkably, the phi...
Threat actors have been observed leveraging malicious dropper apps masquerading as legitimate applications to deliver an Android SMS stealer dubbed Wonderland in mobile attacks targeting users in U...
NEW: CVE vendor-product description metric Referenceurl title GithubURL CVE-2023-25068 Mapro Collins - Magazi...
Kimwolf is a newly discovered Android botnet linked to the Aisuru botnet that has infected over 1.8 million devices and issued more than 1.7 billion DDoS attack commands, according to XLab. The Ki...
Known since 2014, the Cloud Atlas group targets countries in Eastern Europe and Central Asia. Infections occur via phishing emails containing a malicious document that exploits an old vulnerability...
FE assesses that the pro-Russian group Z-Pentest, responsible for a destructive cyberattack against a Danish waterworks in 2024, has connections to the Russian state. They also assess that the grou...
The RansomHouse ransomware-as-a-service (RaaS) has recently upgraded its encryptor, switching from a relatively simple single-phase linear technique to a more complex, multi-layered method. RansomH...