CVE-2023-34362 – MOVEit SQL Injection
A SQL injection vulnerability has been identified in Progress MOVEit Transfer. This vulnerability has the potential to enable unauthorized access...
Zyxel CVE-2023-28771 – Command Injection
Improper error message handling in Zyxel ATP, USG FLEX, VPN, and ZyWALL/USG firewalls creates a vulnerability that can be exploited...
Metropolitan Opera in NYC Faces Lawsuit Over 2022 Data Breach
New York City’s Metropolitan Opera is facing a class action lawsuit after a data breach in 2022 that exposed the...
Cryptic malware specifically crafted to incapacitate industrial systems.
A new strain of malware capable of infiltrating and disrupting crucial industrial systems, such as power plants, has been discovered...
Malware-related URLs
This page contains lists of malware-related URLs that are either recently added in the last 30 days or are currently...
Active Botnet IP List
This is a list of known active Botnet Command-and-Control Servers such as but not limited to:DridexQakbotTrickBotEmotetBazarLoader This list is vetted...
Advantech WebAccess/SCADA Advisory
CVE-2023-2866 – Insufficient Type Distinction vulnerability where .zip files containing webshells can be uploaded on the SCADA server. If an...
Ransomware Week
Ransomware attacks on local governments continue to cause disruptions, as seen with recent incidents targeting Dallas and Augusta, Georgia. Augusta’s...
NCB Management Services breached
NCB Management Services, a US debt collector, suffered a data breach that exposed sensitive financial data, including payment card numbers...
Exploited in the wild: Barracuda Email Security Gateway Appliance (ESG) (CVE-2023-2868)
Barracuda discovered a vulnerability in their Email Security Gateway (ESG) appliance on May 19, 2023, affecting the attachment screening module....