Live Feeds
-
Top 10 Signs a CVE Needs Emergency Patching
Emergency CVE patching starts with the right signals. These 10 indicators help defenders identify which vulnerabilities need immediate action based on exploitation evidence, exposure, exploit maturity, and business impact.
-
Cisco Talos links UAT-9244 to TernDoor, PeerTime, and BruteEntry attacks on South American telecoms
Cisco Talos says China-nexus actor UAT-9244 has targeted South American telecommunications providers since 2024, using the TernDoor and PeerTime backdoors alongside the BruteEntry scanner to maintain access across Windows, Linux, and edge devices.
-
FortiGate devices exploited to steal service account credentials and breach networks
SentinelOne says attackers are abusing FortiGate appliances as entry points, extracting configuration data, harvesting service account credentials, and using that access to move deeper into victim networks.
-
CISA adds two actively exploited vulnerabilities to KEV catalog
CISA has added two vulnerabilities to its Known Exploited Vulnerabilities catalog in a March 13 alert, requiring federal agencies to remediate the flaws by a set deadline under Binding Operational Directive 22-01.
-
Meta disables 150,000 accounts linked to Southeast Asia scam centers
Meta says it disabled more than 150,000 Facebook and Instagram accounts tied to scam center networks in Southeast Asia during a joint international disruption effort that also led to arrests in Thailand.
-
CISA adds five actively exploited vulnerabilities to KEV catalog
CISA has added five vulnerabilities affecting Advantive VeraCore, Ivanti EPM, Microsoft .NET Framework, and D-Link DIR-859 routers to its Known Exploited Vulnerabilities catalog, ordering federal agencies to remediate them by set deadlines.
-
INTERPOL operation takes down 45,000 malicious IPs and leads to 94 arrests
INTERPOL says Operation Synergia III dismantled more than 45,000 malicious IP addresses and servers used in phishing, malware, and ransomware activity, resulting in 94 arrests across 72 countries and territories.
-
Apple updates older iPhones and iPads for WebKit flaw exploited in Coruna spyware attacks
Apple has released security updates for older iPhone and iPad models to fix a WebKit vulnerability that was exploited in the wild and linked to Coruna spyware attacks.
-
Veeam patches critical Backup & Replication flaws that allow remote code execution
Veeam has released security updates for Backup & Replication to fix multiple vulnerabilities, including critical flaws that could let authenticated domain users execute code remotely on affected servers.
-
Qualys details nine CrackArmor flaws in AppArmor that enable root escalation
Qualys says nine vulnerabilities in Linux AppArmor, collectively named CrackArmor, let unprivileged local users bypass protections, escalate to root, and break container isolation on affected systems.