Security

Cisco warns of active exploitation of a critical zero-day vulnerability in its IOS XE software, allowing remote attackers to gain root access and deploy implants.

A critical Cisco IOS XE zero-day is under active exploitation, giving attackers full control of vulnerable devices.

The GootBot malware module enables sophisticated fileless persistence, establishing backdoors in corporate networks through memory-based techniques that evade traditional detection.

A new, stealthy Linux backdoor dubbed 'SparrowDoor' has been linked to APT29, posing a critical threat to data center and cloud security. The kernel rootkit evades detection and targets containerized environments.

The BazaCall 'Live Phish' attack bypasses traditional email filters using voice calls to initiate sophisticated social engineering schemes in 2024. This hybrid vishing and malware campaign targets the human layer.

A massive cyberattack on security giant Zscaler, using a new zero-day exploit, exposes the fragility of the 'never trust, always verify' model under siege.