Security Issues, Vulnerabilities, Exploits & Government Alerts
Ravie LakshmananJun 03, 2026Vulnerability / Server Security Cybersecurity researchers have discovered a remote denial-of-service exploit that affects major web servers, including NGINX, Apache HTTPD, Microsoft IIS, Envoy, and Cloudflare Pingora. The vulnerability has been codenamed…
Cybersecurity researchers have flagged a new campaign targeting Minecraft players via YouTube to spread malware capable of gaining control of victims’ systems. The Minecraft-focused malware-as-a-service (MaaS) campaign has been codenamed Weedhack by McAfee Labs, stating…
Ravie LakshmananJun 02, 2026Vulnerability / Mobile Security Google on Monday released patches for 124 security vulnerabilities impacting its Android operating system for the month of June 2026, including one high-severity flaw in the Framework component…
Ravie LakshmananJun 02, 2026Threat Intelligence / Malware The Russian hacking group known as Gamaredon has been attributed to the continued exploitation of a WinRAR vulnerability to deliver multiple malware families aimed at data theft and…
Ravie LakshmananJun 02, 2026Vulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security flaw impacting Oracle WebLogic Server to its Known Exploited Vulnerabilities (KEV) Catalog, based on…
WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA) and government partners published a joint fact sheet today with recommended mitigations to protect automatic tank gauge (ATG) systems from being compromised by cyber threat actors…
AI-driven exploitation timelines are rapidly shrinking, and they are not going to stop shrinking. Vulnerabilities are being discovered, reproduced, and weaponized faster than ever in the history of enterprise security. As a result, the window…
Most organizations now recognize that endpoint protection alone is no longer sufficient. That’s why adoption of endpoint detection and response (EDR) has accelerated rapidly in recent years. Organizations understand that modern attacks move faster, evade…
Ravie LakshmananJun 02, 2026Cyber Espionage / Threat Intelligence Cybersecurity researchers have disclosed details of a spear-phishing campaign likely undertaken by the Pakistan-aligned SideCopy group targeting Afghanistan’s Ministry of Finance with an open-source remote access trojan…
Ravie LakshmananJun 02, 2026Identity Security / Data Protection Password manager Dashlane has disclosed that “fewer than” 20 users on the personal subscription plan had their encrypted vaults downloaded following a brute-force attack launched by an…