UPDATE: Indicators of compromise are now available. The unredacted RCE exploit released on Monday allows unauthenticated, remote attackers to upload files to the vCenter Server analytics service. A ...

Threat actors exploited more zero-day vulnerabilities in 2021 than any prior year and mostly in software from Microsoft, Google, and Apple. State-backed advanced persistent threat actors remained the ...

Haroun joined Android Police in 2021, reporting on the latest stories in the tech world. Since then, he’s gleefully covered everything from the most mundane Google Docs features to more mainstream ...

Exploit code that could be used for remote code execution on VMware vCenter Server vulnerable to CVE-2021-22005 has been released today and attackers are already using it. Publicly disclosed earlier ...

What some call the worst cybersecurity catastrophe of the year – the Apache Log4j logging library exploit – has spun off 60 bigger mutations in less than a day, researchers said. The internet has a ...

Google has published the 2021 review of Project Zero, revealing a record amount of zero-days exploits (labeled as “one of the most advanced attack methods”) exhibited by some of the world’s largest ...

Google has published its comprehensive list of zero-day exploits detected in 2021. The company’s Project Zero team disclosed a total of 58 zero-days throughout the year, making it one of the busiest ...

Threat analysts report that zero-day vulnerability exploitation is on the rise, with Chinese hackers using most of them in attacks last year. Zero-day vulnerabilities are security weaknesses in ...

Ethereum address connected to the perpetrators of the 2021 Indexed Finance exploit and the 2023 KyberSwap attack has sprung ...

Hackers have released details of a new exploit that allows homebrew and custom firmware to be installed on PS4 consoles running relatively recent firmware. What’s more, the specifics of the exploit ...

Brute-forcing passwords, as well as the exploit of ProxyLogon vulnerabilities against Microsoft Exchange Server, were among the most popular attack vectors last year. According to ESET's Q3 Threat ...

Decentralized finance (DeFi) platform Vee Finance has been hit for an exploit of around $35 million in the second major attack of an Avalanche platform.