Attackers are now targeting a critical authentication bypass vulnerability in the CrushFTP file transfer software using ...

Improper access control issues in VMware Tools for Windows could allow privilege escalation on affected virtual machines.

Hackers have started probing servers impacted by a critical-severity vulnerability in the web application development framework Next.js.

The US Cybersecurity and Infrastructure Security Agency (CISA) added a NAKIVO bug to its Known Exploited Vulnerabilities (KEV ...

The in-the-wild exploitation, as tagged by CISA, follows watchTowr’s public disclosure of the vulnerability, along with a ...

Attackers are exploiting a security vulnerability in the backup solution Nakivo Backup & Replication Director. A security ...

CISA has warned U.S. federal agencies to secure their networks against attacks exploiting a high-severity vulnerability in ...

CISA has added an absolute path traversal bug in Nakivo Backup and Replication to its Known Exploited Vulnerabilities list.

CISA adds flaw CVE-2024-48248 to NAKIVO pre-10.11.3; active exploit risks data exposure, FCEB must mitigate by April 9, 2025.

The former manager for the Cybersecurity and Infrastructure Agency's "CyberSentry" program, Shaw was also among the 130 probationary CISA workers mass fired in the "Valentine's Day Massacre ...

From sophisticated nation-state campaigns to stealthy malware lurking in unexpected places, this week's cybersecurity landscape is a reminder that attackers are always evolving. Advanced threat groups ...

“On Friday, February 28, 2025, at 1600 hours, the government contract I supported with CISA (Dept of Homeland Security) was terminated due to DOGE," senior penetration tester Christopher Chenoweth ...