Cisco has fixed 48 vulnerabilities in Firewall ASA, Secure FMC, and Secure FTD appliances, including two critical-severity ...

The vulnerability, a Qualcomm zero-day, is an integer overflow in the Graphics subcomponent, which means, Adam Boynton, senior enterprise strategy manager at Jamf, told me, “an attacker could cause ...

Cisco has released security updates to patch two maximum-severity vulnerabilities in its Secure Firewall Management Center (FMC) software.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is seeing active exploits related to the ConnectWise ScreenConnect vulnerability that was reported earlier last week. Vulnerabilities ...

Threat actors are weaponizing a zero-day vulnerability in Dell RecoverPoint for Virtual Machines in a cyberattack campaign that drops a novel backdoor, according to new findings from Mandiant and ...

ESET researchers discovered a previously unknown vulnerability in Mozilla products, exploited in the wild by Russia-aligned group RomCom. This is at least the second time that RomCom has been caught ...

Google has released a security update for the Chrome browser to fix a zero-day vulnerability exploit that has been used by threat actors. This is the fifth time this year the company has had to issue ...

New research by cybersecurity firm Mandiant provides eyebrow-raising statistics on the exploitation of vulnerabilities by attackers, based on an analysis of 138 different exploited vulnerabilities ...

A security advisory was issued for two vulnerabilities affecting the Seraphinite Accelerator WordPress plugin.

Mass exploitation began over the weekend for yet another critical vulnerability in widely used VPN software sold by Ivanti, as hackers already targeting two previous vulnerabilities diversified, ...

Thousands of sites running WordPress remain unpatched against a critical security flaw in a widely used plugin that was being actively exploited in attacks that allow for unauthenticated execution of ...

Public-facing instances of ProjectSend, an open-source file-sharing web application, have been exploited by attackers, according to vulnerability intelligence provider VulnCheck. ProjectSend was ...