The Android Security Bulletin for August 2024 details vulnerabilities addressed by the 2024-08-05 security patch level. The most critical issue is a high-severity vulnerability in the Framework component, which could potentia ...
A critical zero-day vulnerability has been identified in the Arcadyan FMIMG51AX000J model and potentially other devices affiliated with the WiFi Alliance. This flaw allows remote attackers to execute arbitrary code. An indepe ...
Chinese state-sponsored threat actors have been exploiting a zero-day vulnerability in Versa Director servers, identified as CVE-2024-39717. This vulnerability, discovered by Black Lotus Labs at Lumen Technologies, has been ac ...
A botnet is exploiting a new zero-day vulnerability, CVE-2024-7029, in AVTECH CCTV cameras to spread a Mirai variant, which is a command injection vulnerability in the brightness function that allows for remote code execution. ...
Chromium is the foundation for many popular web browsers including Google Chrome and Microsoft Edge, and this is the most lucrative thing that attracts the hackers most. Cybersecurity analysts at Microsoft recently discovered ...
Google has released a patch for a critical zero-day vulnerability, CVE-2024-32896, which was actively exploited in the wild. This vulnerability, classified as a high-severity elevation of privilege (EoP) flaw, was discovered in t ...
The Russian group RomCom, dubbed Storm-0978, distributes underground ransomware by leveraging the Microsoft Office and Windows HTML RCE zero-day vulnerability identified as CVE-2023-36884. This ransomware encrypts files on vic ...
Microsoft has addressed a critical zero-day vulnerability affecting its Windows Smart App Control (SAC) and SmartScreen security features. This vulnerability was fixed at Microsoft’s September 2024 Patch Tuesday, which addre ...
The cybersecurity landscape in 2024 has been marked by a significant surge in malware and vulnerabilities. The Key trends include the expansion of Ransomware-as-a-Service (RaaS), an increase in software supply chain attacks, ...
The Windows MSHTML platform spoofing vulnerability, CVE-2024-43461, which affects all supported Windows versions, has been exploited in the wild. CVE-2024-43461 was used in attacks by the Void Banshee APT hacking group. Resear ...