Cybersecurity researchers have demonstrated a proof-of-concept (PoC) rootkit dubbed Curing that leverages a Linux asynchronous I/O mechanism called io_uring to bypass traditional system call monitoring. […]
159 CVEs Exploited in Q1 2025 — 28.3% Within 24 Hours of Disclosure
As many as 159 CVE identifiers have been flagged as exploited in the wild in the first quarter of 2025, up from 151 in Q4 […]
NVIDIA NeMo Vulnerability Enables Remote Exploits
NVIDIA has issued an urgent security advisory addressing three high-severity vulnerabilities in its NeMo Framework, a platform widely used for developing AI-powered applications. The flaws, […]
Darcula Adds GenAI to Phishing Toolkit, Lowering the Barrier for Cybercriminals
The threat actors behind the Darcula phishing-as-a-service (PhaaS) platform have released new updates to their cybercrime suite with generative artificial intelligence (GenAI) capabilities. “This addition […]
Commvault RCE Vulnerability Exploited—PoC Released
Enterprises and managed service providers globally are now facing urgent security concerns following the disclosure of a major pre-authenticated remote code execution (RCE) vulnerability in […]
Multiple Cisco Tools at Risk from Erlang/OTP SSH Remote Code Execution Flaw
Cisco has issued a high-severity advisory (cisco-sa-erlang-otp-ssh-xyZZy) warning of a critical remote code execution (RCE) vulnerability in products using Erlang/OTP’s SSH server. The flaw, tracked […]
Trotz Back-Up: 86 Prozent der Unternehmen zahlen Lösegeld
80 Prozent der Cyberangriffe beginnen mit kompromittierten Zugangsdaten und einem Active Directory. Andrey_Popov – shutterstock.com Cybertools um sich gegen Angriffe zu wappnen, werden genauso wie […]
Zyxel RCE Flaw Lets Attackers Run Commands Without Authentication
Security researcher Alessandro Sgreccia (aka “rainpwn”) has revealed a set of critical vulnerabilities in Zyxel’s USG FLEX-H firewall series that enable remote code execution (RCE) […]
Erodiert die Security-Reputation der USA?
Trump stiftet Verunsicherung – auch wenn’s um Cybersicherheit geht. Joshua Sukoff | shutterstock.com Nachdem US-Präsident Donald Trump nun auch Cybersicherheitsunternehmen per Executive Order für abweichende […]
Cohesity-Veritas makes its pitch: Real-time cyberattack data recovery, AI analysis without the data lake
Cohesity, a data protection company, held its first press conference in Korea since its merger with Veritas and began to make full-fledged inroads into the […]