vulnerabilities

vulnerabilities | Apr 11, 2025

Android RAT sneaks onto devices through fake Google Play downloads

A rat pokes its head through a cardboard box. the SpyNote malware is described as an AndroidOS RAT

China nexus group suspected as the attackers behind attacks

News | Mar 28, 2025

Beware the phishing Morphing Meerkat, it may be posing as your email provider

A meerkat sat on the ground. The Morphing Meerkat phishing platform uses fake, personalised email login pages to trick users

Phishing kits going to great lengths to personalise attacks

| Software | Mar 21, 2025

A new Veeam backup vulnerability? Let's patch with a similar fix as before

A person applies two plasters to an elbow. Veamm was criticised by security researchers for the patch used for its backup vulnerabilities

A CVSS rated 9.9 vulnerability needs an urgent fix - but is it sufficient?

vmware | Mar 04, 2025

VMware: Critical “VM escape” zero days exploited in wild

"There are no other meaningful workarounds that do not involve updating and restarting..."

Security | Feb 19, 2025

Critical SonicWall SSLVPN authentication bypass exploited in the wild

Bug lets attackers to bypass even accounts with multi-factor authentication enabled.

Patch Tuesday | Feb 11, 2025

Patch Tuesday: A “wormable” LDAP bug and two EOP zero days fixed

Lighter than last month, mercifully, but still some urgent fixes.

Security | Feb 06, 2025

.NET bug being exploited in the wild

".NET Remoting is still around. Even where developers might not expect it such as in ASP.NET web applications, both on-premises and on Azure"

Security | Jan 27, 2025

SonicWall zero day confirmed exploited in the wild

Affected devices “designed as an advanced secure access gateway for medium enterprises, multi-national corporations and managed security service providers (MSSPs.)”

Security | Jan 14, 2025

Fortinet zero day confirmed. CVE allocated. Attackers tunnelling...

Authentication bypass to super admin. Gulp.

106