exploit

A malicious GitHub repository disguises a proof-of-concept (PoC) exploit for CVE-2024-49113, also known as “LDAPNightmare,” delivering infostealer malware.

A high-severity flaw in Microsoft SharePoint, tracked as CVE-2024-38094 is under active exploit. The bug is a deserialization vulnerability often used as attack…

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) revealed that Iranian Hackers target the Municipal Water Authority of Aliquippa in US.

Microsoft issued a patch for the issue in its security update, but the bug was already under active exploit at the time as a zero-day.

Google has discovered an exploit framework using now-patched Windows, Firefox, and Chrome vulnerabilities to deploy spyware.

The new method bypasses mitigations that microsoft had provided for the exploit chain vulnerability at ProxyNotShell flaws in exchange server.

The Beeple Discord server has been hacked by malicious actors attempting to drain user wallets after Discord server compromised by hackers.

North Korea-backed Lazarus Group has been observed deploying a Windows rootkit by taking advantage of an exploit in a Dell firmware driver.

Google released a patch and new update to address the threat of CVE-2022-2294, zero-day security vulnerability found in its Chrome web browser.

A security flaw in Facebook’s Messenger Rooms video chat function, attackers able to access to a victim’s private photos, videos from locked Android screen.