Threat actors exploited more zero-day vulnerabilities in 2021 than any prior year and mostly in software from Microsoft, Google, and Apple. State-backed advanced persistent threat actors remained the ...

Haroun joined Android Police in 2021, reporting on the latest stories in the tech world. Since then, he’s gleefully covered everything from the most mundane Google Docs features to more mainstream ...

What some call the worst cybersecurity catastrophe of the year – the Apache Log4j logging library exploit – has spun off 60 bigger mutations in less than a day, researchers said. The internet has a ...

Google has published its comprehensive list of zero-day exploits detected in 2021. The company’s Project Zero team disclosed a total of 58 zero-days throughout the year, making it one of the busiest ...

Last year saw more exploits of zero-day vulnerabilities than any other, with Chinese state-backed operatives leading the way, according to Mandiant. The threat intelligence vendor recorded 80 zero-day ...

Google has published the 2021 review of Project Zero, revealing a record amount of zero-days exploits (labeled as “one of the most advanced attack methods”) exhibited by some of the world’s largest ...

Hackers have released details of a new exploit that allows homebrew and custom firmware to be installed on PS4 consoles running relatively recent firmware. What’s more, the specifics of the exploit ...

Threat analysts report that zero-day vulnerability exploitation is on the rise, with Chinese hackers using most of them in attacks last year. Zero-day vulnerabilities are security weaknesses in ...

Brute-forcing passwords, as well as the exploit of ProxyLogon vulnerabilities against Microsoft Exchange Server, were among the most popular attack vectors last year. According to ESET's Q3 Threat ...

Criminal groups and even suspected state-sponsored hacking groups continue to exploit a serious vulnerability in Apache Log4j with ransomware and other forms of malware. According to research from ...

In the demonstrations, researchers switched the device names to be a string of characters that would send servers to a testing URL, exploiting the behavior enabled by the vulnerability. After the name ...

We are publishing our 2022 vulnerability stats report in March, and I thought it would be a good idea to share some insights with you. Overall, things have not improved very much. We still see high ...