Microsoft patches actively exploited Office zero-day vulnerability

Microsoft has released emergency security updates to patch a high-severity Office zero-day vulnerability exploited in attacks ...

FortiSIEM:Proof-of-Concept Exploit for Critical Vulnerability Publicly Available

Fortinet has closed a critical FortiSIEM vulnerability. A proof-of-concept exploit increases the likelihood of attacks.
Windows Report

Microsoft Confirms Active Office Zero-Day Exploit, Deploys Emergency Fix

Microsoft releases an urgent out-of-band update for a critical Office zero-day flaw already exploited in real-world attacks.
TechRepublic

Threat Actors Are Exploiting Vulnerabilities Faster Than Ever

New research by cybersecurity firm Mandiant provides eyebrow-raising statistics on the exploitation of vulnerabilities by attackers, based on an analysis of 138 different exploited vulnerabilities ...
TechRepublic

Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs ...

Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs, ISPs Your email has been sent Volt Typhoon, a Chinese state-sponsored hacking group, has been caught ...

Steam Game Devs Call Exploit Allegations ‘Clickbait Exaggeration’ And ‘Malicious ...

As of this writing, the game is currently sitting at a “Very Positive” review score on Steam, having amassed roughly 1,876 reviews and, according to VG Insights, over 113,000 individual purchases.
Security Boulevard

JFrog Researchers Uncover RCE Exploit for Existing Redis Database Vulnerability

JFrog this week published an analysis of a vulnerability in Redis databases that may be more serious than initially thought following the discovery of a ...
WeLiveSecurity

RomCom exploits Firefox and Windows zero days in the wild

ESET researchers discovered a previously unknown vulnerability in Mozilla products, exploited in the wild by Russia-aligned group RomCom. This is at least the second time that RomCom has been caught ...

Matcha Meta breach tied to SwapNet exploit drains up to $16.8M

Matcha Meta users were exposed via a SwapNet smart contract exploit, with up to $16.8M stolen on Base, highlighting ongoing approval risks.
CRN

Cisco Discloses High-Severity Vulnerability, Exploit Code Released

The tech giant has provided a patch for the root escalation vulnerability, which affects a number of devices that run the Cisco Integrated Management Controller. Cisco disclosed a new high-severity ...
Ars Technica

As if 2 Ivanti vulnerabilities under exploit weren’t bad enough, now there are 3

Mass exploitation began over the weekend for yet another critical vulnerability in widely used VPN software sold by Ivanti, as hackers already targeting two previous vulnerabilities diversified, ...
The Verge

PSA: Update Chrome browser now to avoid an exploit already in the wild

An active exploit could leave your system vulnerable to data theft and malicious code. A critical security update is rolling out now. An active exploit could leave your system vulnerable to data theft ...