Threat actors brute-forced VPN credentials and bypassed multi-factor authentication (MFA) on SonicWall Gen6 SSL-VPN appliances to deploy...
OT / ICS
This category covers vulnerabilities, advisories, and threat activity affecting operational technology and industrial control systems, including issues related to critical infrastructure, manufacturing, utilities, and connected industrial environments.
An unauthenticated attacker can exploit the command injection vulnerability to gain remote access to robotic systems, causing...
The Grafana data breach was caused by a single GitHub workflow token that slipped through the rotation...
Identity checks alone can’t stop attackers using stolen session tokens and compromised devices. Specops Software outlines why...
Drupal has announced a “core security release” scheduled for later today, warning that threat actors might develop...
PinTheft, a recently patched Linux privilege escalation vulnerability, now has a publicly available proof-of-concept (PoC) exploit that...
Microsoft has shared mitigations for YellowKey, a recently disclosed Windows BitLocker zero-day vulnerability that grants access to...
GitHub has confirmed that roughly 3,800 internal repositories were breached after one of its employees installed a...
While the numbers are modest, the crackdown on cybercrime involved 13 countries in the MENA region, the...