Threat actors began targeting a recently patched BeyondTrust vulnerability shortly after a proof-of-concept (PoC) exploit was released.

Attackers have not waited for Exploit Wednesday; the Microsoft Windows zero-day attacks have already started. Here’s what you need to know and do.

CISA ordered federal agencies on Thursday to secure their systems against a critical Microsoft Configuration Manager vulnerability patched in October 2024 and now exploited in attacks.

Microsoft’s monthly release of security updates Tuesday included fixes for six vulnerabilities that are considered to be ...

These 4 critical AI vulnerabilities are being exploited faster than defenders can respond ...

The time between vulnerability disclosure and exploitation has plunged 94% over the past five years as threat actors ...

Google released a Chrome security update fixing two high-severity flaws that could enable code execution or crashes via malicious websites.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is seeing active exploits related to the ConnectWise ScreenConnect vulnerability that was reported earlier last week. Vulnerabilities ...

Ivanti's enterprise VPN solution faces another instance of active exploitation due to a recent vulnerability, marking the third flaw discovered in Ivanti's Connect Secure VPN. One of the newly ...

Public-facing instances of ProjectSend, an open-source file-sharing web application, have been exploited by attackers, according to vulnerability intelligence provider VulnCheck. ProjectSend was ...

Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs, ISPs Your email has been sent Volt Typhoon, a Chinese state-sponsored hacking group, has been caught ...

Code released just two days after CA warned customers and issued patch for security holes in its License Client and Server software Malicious hackers have released code that exploits a widespread ...