Experts from Trellix Threat Labs have shared research on multiple vulnerabilities in an industrial control system (ICS) used to grant physical access to protected facilities, and integrated into building automationRead More →
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a security alert regarding a set of vulnerabilities that would allow malicious hackers to take control of Illumia genetic analysis devices.Read More →
Threat actors could exploit a critical zero-day vulnerability in Windows Search to run remotely hosted malware just by automatically opening a search window with a Word document. According to theRead More →
Rapid7 cybersecurity specialists report that thousands of Zyxel firewalls could be exposed to remote attacks due to a recently detected vulnerability. While the company has already released the corresponding patches,Read More →
Microsoft announced the release of several security updates to address a severe vulnerability in the Azure Synapse and Azure Data Factory pipelines whose exploitation would allow threat actors to executeRead More →
At least one sophisticated hacking group has been exploiting a critical remote code execution (RCE) vulnerability in VMware Workspace ONE Access. Tracked as CVE-2022-22954, the flaw was addressed in aRead More →
After multiple rumors, researchers from security firm Trend Micro confirmed that the Spring4Shell vulnerability is being exploited by Mirai botnet hackers. As previously reported, CVE-2022-22965 and CVE-2022-22963 are critical vulnerabilitiesRead More →
Developers addressed a command injection vulnerability in asciidoctor-include-ext, a popular Ruby library that allows users to parse and convert AsciiDoc files. According to the report, this vulnerability allows remote codeRead More →
VMware released a critical security alert to address various vulnerabilities found in Workspace ONE Access, VMware Identity Manager (vIDM), vRealize Lifecycle Manager, vRealize Automation, and VMware Cloud Foundation products. AccordingRead More →