Exploits stories

Picus Security launches Exposure Validation, a tool using real-time attack simulations to identify which vulnerabilities are truly exploitable in organisations.

Mandiant's 2024 report reveals a rise in financially motivated cyber attacks, with 55% of threat groups seeking profit, while detection remains a major challenge globally.

ReliaQuest's new report reveals a worrying 24% rise in ransomware attacks on the manufacturing sector, impacting 624 companies between August 2024 and January 2025.

GitHub has partnered with Endor Labs, integrating advanced security software to help developers swiftly identify and manage critical vulnerabilities within the platform.

Tenable has launched Tenable Patch Management, an autonomous solution designed to streamline vulnerability remediation amid increasing cyber threats.

Opus Security unveils its AI-powered Advanced Multi-Layered Prioritization Engine, revolutionising how organisations manage and address vulnerabilities.

Hackers exploiting newly found vulnerability in Palo Alto’s PAN-OS are using RedTail malware to enhance cryptomining operations, raising cybersecurity alarms.

Rapid7’s 2024 Attack Intelligence Report highlights a sharp rise in zero-day vulnerabilities causing mass breaches and underscores the necessity for faster patching and robust MFA protocols.

Google and Mandiant's cybersecurity report reveals a 50% rise in exploited zero-day vulnerabilities in 2023, with China being the leading perpetrator.

New Relic's observability platform now offers Interactive Application Security Testing (IAST) with a proof-of-exploit reporting feature, enabling real-time identification and fixing of application vulnerabilities before code deployment.

In light of the massive cybersecurity breach impacting Ivanti solutions, firms are urged to embrace cyber resilience for business continuity, demonstrating greater fortitude against potential disruptions.

Data Theorem's Cloud Secure and Mobile Protect acclaimed for top cloud security and mobile API threat protection at 2023 CyberSecured Awards.

Azul's inaugural State of Java survey highlights Java's vital role in global tech, with 98% of firms reporting usage.

Cequence Security offers first-ever API protection on the HPE GreenLake Marketplace, promoting visibility, reduced costs, and minimised business risks.

An attacker attempted to exploit the open-source community by uploading a series of malicious packages to the PyPi package manager.

Recorded Future's monthly report reveals high-risk vulnerabilities, exploit chains, and zero-day vulnerabilities affecting Microsoft and Ivanti products.

Critical hijacking vulnerability in Stremio 4.4 puts 5 million users at risk; remote code execution and information theft possible.

Claroty’s research arm, Team82, has disclosed five vulnerabilities in NETGEAR’s RAX30 routers they discovered at the Pwn2Own Toronto hacking competition.

Rapid7 Vulnerability Intelligence Report finds attackers developing and deploying exploits faster, with an 87% increase in first-week exploitation since 2020.

Secureworks has found that the Iranian threat group, Cobalt Sapling, has reemerged with a new persona, Abraham's Ax.