All You Need to Know About the New Zero-Day Found in the Log4j Java Library

Log4j 2 is a Java logging library that is open source and extensively used in a variety of software applications and services throughout the world. The flaw gives threat actors…

A Critical Zoho ManageEngine Desktop Central and Desktop Central MSP Vulnerability Is Exploited by an APT Actor

Zoho ManageEngine Desktop Central is a popular management tool that administrators use for automatic software distribution and remote troubleshooting across the whole network. What Happened? An authentication bypass vulnerability in…

A Microsoft MSHTML Exploited By Hackers

It seems that a newly found Iranian threat actor is stealing Google and Instagram credentials from Farsi-speaking targets all around the world employing a new PowerShell-based stealer named PowerShortShell. The…

A Well-Known Bug Bounty Platform Wants Zero-day Exploits for Windows VPN Clients

Zerodium is a premium bug bounty platform created by cybersecurity specialists with zero-day exploit and vulnerability research experience. The goal of Zerodium is to gather together independent security researchers to…

Hackers Are Scanning for the Vulnerability Found in Vmware

The malicious actors are going after the¬†CVE-2021-22005 that is unpatched against a critical arbitrary file upload vulnerability. This vulnerability that was recently patched could lead to remote code execution, as…