The Apache Software Foundation has released an emergency security update today to patch a zero-day vulnerability in Log4j, a Java library that provides logging capabilities. The vulnerability, also ...

A China-linked threat actor has been attributed to a cyber attack targeting an U.S. non-profit organization with an aim to establish long-term persistence, as part of broader activity aimed at U.S.

Windows doesn’t offer a single switch to disable Exploit Protection completely. You can only disable individual mitigations system-wide or per app. We strongly recommend turning it off only for ...

Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly leaked by the ShinyHunters ...

A single flaw in Apache Log4j spiraled into one of the most dangerous exploits ever found. Experts warned it could have taken down the entire internet. White House responds to Trump-Putin documents ...

A financially motivated threat actor has been observed exploiting a recently disclosed remote code execution flaw affecting the Craft Content Management System (CMS) to deploy multiple payloads, ...

Pwn2Own hackers use $150,000 exploit on VMware ESXi. The elite hackers attending Pwn2Own in Berlin have made hacking history by successfully deploying a zero-day exploit against VMware ESXi. Having ...

Users of the Atomic and Exodus wallets are being targeted by threat actors uploading malicious software packages to online coding repositories to steal crypto private keys in the latest cybersecurity ...

A Minecraft Movie is here! That's right, the big Hollywood game adaptation of one of the best open world games ever has finally hit screens, treating us to such viewing pleasures as Jack Black riding ...

Abstract: On December 10, 2021, Log4Shell was disclosed to the public and was quickly recognized as a most severe vulnerability. It exploits a bug in the wide-spread Log4j library that allows for ...

A vulnerability found in Apache Tomcat, tracked as CVE-2025-24813, is being actively exploited in the wild. The remote code execution (RCE) bug allows attackers to take over servers using a PUT API ...

Less than a week after the rollout of patches for a critical remote code execution vulnerability in Apache Tomcat, exploit code has been published on a Chinese forum showing how to hijack servers with ...