Mur d'images - Cyberveille

curated by Decio

Security Researchers Warn a Widely Used Open Source Tool Poses a 'Persistent' Risk to the US

macOS Vulnerabilities: A Year of Security Research at Kandji

2025 Q1 Trends in Vulnerability Exploitation | Blog | VulnCheck

Is Ivanti the problem or a symptom of a systemic issue with network devices?

IngressNightmare | Critical Unauthenticated RCE Vulnerabilities in Kubernetes Ingress NGINX

Apple belatedly fixes exploited flaws in older OSes

Resurgence of In-The-Wild Activity Targeting Critical ServiceNow Vulnerabilities

U.S. Government Disclosed 39 Zero-Day Vulnerabilities in 2023, Per First-Ever Report

Zyxel Telnet Vulnerabilities

Eradicating trivial vulnerabilities, at scale

Qualys TRU Uncovers Five Local Privilege Escalation Vulnerabilities in needrestart | Qualys Security Blog

Uncovering Apple Vulnerabilities: The diskarbitrationd and storagekitd Audit Story Part 1

Zero-Click Flaw Exposes Potentially Millions of Popular Storage Devices to Attack

Inside Sophos' 5-Year War With the Chinese Hackers Hijacking Its Devices

Alert: Over 700,000 DrayTek Routers Exposed to Hacking via 14 New Vulnerabilities

How multiple vulnerabilities in Microsoft apps for macOS pave the way to stealing permissions

Chained for attack: OpenVPN vulnerabilities discovered leading to RCE and LPE | Microsoft Security Blog

SwRI evaluates cybersecurity risks associated with EV fast-charging equipment | Southwest Research Institute

Sonar

Big Vulnerabilities in Next-Gen BIG-IP

Chinese Keyboard App Vulnerabilities Explained

'ArcaneDoor' Cyberspies Hacked Cisco Firewalls to Access Government Networks

DJI Mavic 3 Drone Research: Vulnerability Analysis

The Mystery of ‘Jia Tan,’ the XZ Backdoor Mastermind

Vulnerabilities Year-in-Review: 2023

BlueSpy - Spying on Bluetooth conversations

Hackers Found a Way to Open Any of 3 Million Hotel Keycard Locks in Seconds | WIRED

Multiple XSS flaws in Joomla can lead to remote code execution

Here is Apple's official 'jailbroken' iPhone for security researchers | TechCrunch

How Memory Forensics Revealed Exploitation of Ivanti Connect Secure VPN Zero-Day Vulnerabilities

Multiple vulnerabilities in Lantronix EDS-MD IoT gateway for medical devices

Qualcomm Releases Details on Chip Vulnerabilities Exploited in Targeted Attacks

NSA chief announces new AI Security Center, 'focal point' for AI use by government, defense industry

Code Vulnerabilities Put Proton Mails at Risk

Uncovering weaknesses in Apple macOS and VMWare vCenter: 12 vulnerabilities in RPC implementation

Millions of Gigabyte Motherboards Were Sold With a Firmware Backdoor | WIRED

Microsoft May 2023 Patch Tuesday

Apple fixes two zero-days exploited to hack iPhones and Macs

Move, Patch, Get Out the Way: 2022 Zero-Day Exploitation Continues at an Elevated Pace

Microsoft February 2023 Patch Tuesday

The OWASSRF + TabShell exploit chain

Web Hackers vs. The Auto Industry: Critical Vulnerabilities in Ferrari, BMW, Rolls Royce, Porsche, and More

Zerobot – New Go-Based Botnet Campaign Targets Multiple Vulnerabilities

Google Online Security Blog: Memory Safe Languages in Android 13

CVE-2022-41622 and CVE-2022-41800 (FIXED): F5 BIG-IP and iControl REST Vulnerabilities and Exposures

A New Attack Can Unmask Anonymous Users on Any Major Browser

The SessionManager IIS backdoor: a possibly overlooked GELSEMIUM artefact

macOS Vulnerabilities Hiding in Plain Sight (Black Hat Asia 2022 presentation)

Known macOS Vulnerabilities Led Researcher to Root Out New Flaws

Microsoft Zero-Days, Wormable Bugs Spark Concern

Safari Flaws Exposed Webcams, Online Accounts, and More

Google Online Security Blog: Vulnerability Reward Program: 2021 Year in Review