vulnerability

Best ransomware removal tools
A ransomware splash screen displayed on a laptop in an office
ransomware

Best ransomware removal tools

The top free and paid toolkits available right now to protect you from hackers
14 Oct 2021
WordPress plugin exploit puts over 90,000 sites at risk
A user with WordPress on their desktop computer
vulnerability

WordPress plugin exploit puts over 90,000 sites at risk

Security firm Wordfence recommends users of the Brizy Page Builder plugin upgrade to the latest version immediately
14 Oct 2021
Kaspersky exposes MysterySnail zero-day exploit in Windows
A depiction of a bug on a blue binary background
zero-day exploit

Kaspersky exposes MysterySnail zero-day exploit in Windows

Elevation-of-privilege flaw could enable Chinese hackers to mount widespread spying campaign
13 Oct 2021
GitHub revokes duplicate SSH auth keys generated by keypair library
The GitHub sign in screen on a smartphone
cyber security

GitHub revokes duplicate SSH auth keys generated by keypair library

Git client GitKraken used the affected library
12 Oct 2021
BrewDog app flaw exposed data on 200,000 shareholders and customers, researchers claim
Different types of BrewDog beer cans stacked in a pile
data breaches

BrewDog app flaw exposed data on 200,000 shareholders and customers, researchers claim

Researchers at Pen Test Partners say API token exploit could have allowed hackers to access personal information and account details
8 Oct 2021
Visa card holders using Apple Pay warned of payment exploit that bypasses user authentication
Close-up view of man using Apple Pay paying for public transport
vulnerability

Visa card holders using Apple Pay warned of payment exploit that bypasses user authentication

Commuters are being urged to disable Apple Pay express transit mode for Visa cards
30 Sep 2021
100 million IoT devices affected by zero-day flaw
IoT network with hackers
Internet of Things (IoT)

100 million IoT devices affected by zero-day flaw

Vulnerability could affect car, fire detection, and patient data sensors
24 Sep 2021
New FamousSparrow hacking group caught targeting hotels
A laptop on a table with the Microsoft Exchange logo displayed
vulnerability

New FamousSparrow hacking group caught targeting hotels

Microsoft Exchange ProxyLogon flaw used in attacks
24 Sep 2021
Critical flaw in vCenter Server could give hackers infrastructure access
The entrance sign at VMware's headquarters in Palo Alto
vulnerability

Critical flaw in vCenter Server could give hackers infrastructure access

VMware is urging users to patch the 9.8-rated vulnerability as soon as possible
22 Sep 2021
Weekly threat roundup: Microsoft Patch Tuesday, HP Omen, Apple
Graphic showing a red unlocked padlock surrounded by blue locked padlocks
exploits

Weekly threat roundup: Microsoft Patch Tuesday, HP Omen, Apple

Pulling together the most dangerous and pressing flaws that businesses need to patch
16 Sep 2021
Microsoft patches Internet Explorer zero-day under active attack
Bug surrounding by computer code and jargon
vulnerability

Microsoft patches Internet Explorer zero-day under active attack

The latest wave of Patch Tuesday fixes also included several updates to address the Print Spooler component in Windows
15 Sep 2021
Patch management vs vulnerability management
Plasters over a hard disc drive to symbolise patch management
enterprise security

Patch management vs vulnerability management

What exactly is patch management, and why should IT pros sit up and take notice of doing it properly?
14 Sep 2021
Apple patches zero-day flaw abused by infamous NSO exploit
A close-up of the Apple iPhone 12 mini's notch
exploits

Apple patches zero-day flaw abused by infamous NSO exploit

The ForcedEntry flaw affects all Apple devices and allows hackers to compromise systems without any user interaction
14 Sep 2021
Weekly threat roundup: Atlassian, Microsoft Office, Zoho ManageEngine
Graphic showing a red unlocked padlock surrounded by blue locked padlocks
vulnerability

Weekly threat roundup: Atlassian, Microsoft Office, Zoho ManageEngine

Pulling together the most dangerous and pressing flaws that businesses need to patch
9 Sep 2021
Azure Container Instances users urged to ​​revoke privileged credentials after flaw discovery
A Microsoft Azure web page
Microsoft Azure

Azure Container Instances users urged to ​​revoke privileged credentials after flaw discovery

Microsoft says action needed "out of an abundance of caution" rather than as a response to a specific threat
9 Sep 2021
Hackers exploit Windows zero-day to target users with Office files
The Microsoft Word software on a computer screen
vulnerability

Hackers exploit Windows zero-day to target users with Office files

This ‘reliable and dangerous’ flaw is being abused to launch remote code execution attacks against specific targets
8 Sep 2021
Network-wide security flaw discovered in NPM package
Programming code abstract on a reflective background
vulnerability

Network-wide security flaw discovered in NPM package

“Pac-resolver” vulnerability could lead to remote code execution
7 Sep 2021
US officials warn of “mass exploitation” of Atlassian Confluence flaw
The Atlassian logo on the website seen through a magnifying glass
hacking

US officials warn of “mass exploitation” of Atlassian Confluence flaw

Hackers can exploit the workplace collaboration platform to execute arbitrary code remotely
6 Sep 2021
Google reveals five high-risk flaws in Chrome browser
Chrome thumbnail on a computer screen
vulnerability

Google reveals five high-risk flaws in Chrome browser

Updated Chrome 93 fixes these serious vulnerabilities
3 Sep 2021
Weekly threat roundup: Exchange Server, AMD CPUs, Azure Cosmos DB
Graphic showing a red unlocked padlock surrounded by blue locked padlocks
vulnerability

Weekly threat roundup: Exchange Server, AMD CPUs, Azure Cosmos DB

Pulling together the most dangerous and pressing flaws that businesses need to patch
2 Sep 2021
AMD Zen+, Zen 2 vulnerable to Meltdown-style attacks
AMD Epyc CPU
data processing

AMD Zen+, Zen 2 vulnerable to Meltdown-style attacks

Researchers find AMD CPUs can be manipulated just like Intel ones
31 Aug 2021
Microsoft Exchange Server flaw lets attackers misconfigure mailboxes
A laptop on a table with the Microsoft Exchange logo displayed
vulnerability

Microsoft Exchange Server flaw lets attackers misconfigure mailboxes

Microsoft has patched the ProxyToken vulnerability before any evidence of exploitation has emerged
31 Aug 2021
Critical flaw in IoT camera system could lead to remote takeover
Security cameras on the side of a building
vulnerability

Critical flaw in IoT camera system could lead to remote takeover

Network video recorder vulnerability could allow hackers to steal sensitive video recordings
27 Aug 2021