CoinDesk

Solana-Based Decentralized Finance Platform Mango Hit by $100 Million Exploit

Mango, a decentralized finance platform hosted on the Solana blockchain, has been exploited for over $100 million. The exploit was initially reported on Twitter by blockchain auditors OtterSec, who ...
Android

New Microsoft Exchange exploit being used to breach servers

Play ransomware has been a major threat to businesses and organizations for some time now, and the threat actors behind it are constantly finding new ways to infiltrate and compromise systems. In a ...
Bleeping Computer

Google finds more Android, iOS zero-days used to install spyware

Google's Threat Analysis Group (TAG) discovered several exploit chains using Android, iOS, and Chrome zero-day and n-day vulnerabilities to install commercial spyware and malicious apps on targets' ...

Google publishes exploit code threatening millions of Chromium users

Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens ...
AppleInsider

Pegasus had three ways to hack iPhones without the owner tapping

Pegasus, the spyware used by governments to secretly break into iPhones of journalists and political opponents, used three zero-click exploits affecting iOS 15 and iOS 16 in Mexico in 2022. NSO Group ...
Bleeping Computer

Exploit released for critical ManageEngine RCE bug, patch now

Proof-of-concept exploit code is now available for a remote code execution (RCE) vulnerability in multiple Zoho ManageEngine products. This pre-authentication RCE flaw is tracked as CVE-2022-47966 and ...
TechSpot

Pegasus spyware targeted iOS 15 and 16 with new zero-click exploits in 2022

What just happened? The Pegasus spyware developed by notorious Israeli tech firm NSO Group has once again raised its ugly head several years after it was originally deployed. While recent reports ...
Dark Reading

Microsoft Addresses Zero-Days, but Exchange Server Exploit Chain Remains Unpatched

For its October Patch Tuesday update, Microsoft addressed a critical security vulnerability in its Azure cloud service, carrying a rare 10-out-of-10 rating on the CVSS vulnerability-severity scale.
AppleInsider

Google patches seventh zero-day exploit in Chrome in 2022

A critical Google Chrome update for the Mac and Windows desktop browsers is available that addresses an actively exploited vulnerability. Chrome users should update to version 107.0.5304.87 for Mac ...
Ars Technica

Patches for 6 0-days under active exploit are now available from Microsoft

It’s the second Tuesday of the month, and that means it’s Update Tuesday, the monthly release of security patches available for nearly all software Microsoft supports. This time around, the software ...
TechSpot

Security experts urge Chrome users to patch new zero-day exploit immediately

What just happened? Google just released an emergency security update to patch a newly discovered vulnerability in the Chrome web browser. The buffer overflow-based exploit was discovered by Clément ...