Huntress researchers have detected active exploitation of a critical vulnerability in Wing FTP Server, just one day after its public disclosure. The vulnerability CVE-2025-47812 has been assigned the highest severity...
Hundreds of printer models from Brother and other manufacturers (Fujifilm, Toshiba, Ricoh and Konica Minolta) have been found to be vulnerable to serious vulnerabilities discovered by researchers at Rapid7. For...
Echelon Stealer is an infostealer malware that was first discovered in 2018 and is still active. Currently shared as an open-source tool on GitHub, Echelon Stealer offers various advanced features...
A proof of concept (PoC) for a critical vulnerability identified as CVE-2024-33544 has recently been released. This vulnerability involves an unauthenticated SQL injection, which poses a serious threat to the...
A malicious actor, under the name "tikila", has posted an advertisement on a hacking forum for the sale of a local privilege escalation (LPE) vulnerability for Windows. According to the...
The vulnerability CVE-2024-34750 in Apache Tomcat, as described in the security bulletin AL01/240705/CSIRT-ITA, concerns an issue that can be exploited to overload the server's computing resources, leading to a Denial...
A severe security vulnerability has been discovered in MSI Center, a widely used software on Windows systems. This flaw, classified as CVE-2024-37726 and with a CVSS score of 7.8 (high), allows a low-privileged attacker...
A recent critical vulnerability in OpenSSH, identified as CVE-2024-6387, could allow unauthenticated remote code execution with root privileges on glibc-based Linux systems. This flaw resides in the server component of...
Donato Onofri e Emanuele Calvelli Endpoint Security & XDR CrowdStrike. HijackLoader continues to become increasingly popular among adversaries for deploying additional payloads and tooling A recent HijackLoader variant employs sophisticated techniques to...
