Russian threat groups have been observed exploiting a zero-day vulnerability in 7-Zip against Ukrainian entities.

Chrome 133 and Firefox 135 were released with patches for multiple high-severity memory safety vulnerabilities.

CISA has added CVE-2024-29059, a flaw affecting Microsoft .NET, to its Known Exploited Vulnerabilities catalog.

Multiple Zyxel legacy DSL CPE products are affected by exploited zero-day vulnerabilities that will not be patched.

The number of vulnerabilities first reported as exploited surged last year amid a decrease in zero-day reports.

AMD has released patches for a microprocessor vulnerability that could allow an attacker to load malicious microcode.

Nearly two dozen new macOS malware families were observed in 2024, including stealers, backdoors, downloaders and ransomware.

Sophos has completed its $859 million all-cash acquisition of SecureWorks. Sophos on Monday announced that it has completed its $859 million all-cash acquisition of SecureWorks.

DeepSeek’s susceptibility to jailbreaks has been compared by Cisco to other popular AI models, including from Meta, OpenAI ...

The exploited vulnerability, tracked as CVE-2024-53104 (CVSS score of 7.8), is a high-severity out-of-bounds write bug that ...

The Contec CMS8000 patient monitors do not contain a malicious backdoor but are plagued by an insecure and vulnerable design.

Food delivery firm GrubHub has disclosed a data breach impacting the personal information of drivers and customers.