Zoom

Weekly Top 10 – 02.19.2024- Critical Microsoft Exchange Vulnerability, North Korean APT Breached South Korean Presidential Staff, GoldPickaxe iOS Malware Captures Facial Recognition Data, and More.

WEEKLY TOP TEN: February 19, 2024, 15:00 GMT Our Threat Operations and Intelligence team compiles a daily digest…

February 19, 2024 15:00 GMT

Weekly Top 10 – 10.9.2023- Zombie Zoom Links, Indeed.com Redirect Vulnerability Abused, CISA Adds Windows and JetBrains to KEV Catalogue, BING AI Convinced to Reveal CAPTCHA

Critical Vulnerabilities discovered in WS_FTP Server software, Zero-day exploit in Exim Maill Server, Maximum Severity Vulnerabilities in Confulence, Looney-Toonable flaw in Linux Distributions GNU C Library, and 6 more cybersecurity stories...

October 9, 2023 06:00 GMT

Weekly Top Ten Cybersecurity Stories – 1.13.2023

CISA adds Exchange privilege escalation bug to "known exploited" catalog, Fake AnyDesk websites deploying info stealer, multiple Cisco router models hit by no-workaround vulnerability, and 7 more...

January 13, 2023 16:23 GMT

Multiple Vulnerabilities Discovered in Zoom Client

Two new vulnerabilities discovered in Zoom Client for Meetings allow arbitrary code execution and exposed process memory. Updates…

December 8, 2021 17:50 GMT

Hand-Picked Top-Read Stories

Weekly Top 10: 05.19.2025: Two 0-Day Exploits in Ivanti Endpoint Management Used in the Wild; Windows 10 Updates Cause Bootlocker Encryption; AI Vishing Campaign Impersonates Government Officials; and More.

The Modern IR Runbook

Weekly Top 10: 05.12.2025: Critical Code Execution Flaw Patched in LangFlow; CISA Warns Threat Actors are Targeting Energy and Transportation Systems Sectors, Google Patches Zero-Click RCE Flaw on Android, and More.

Trending Tags

Weekly Top 10 – 02.19.2024- Critical Microsoft Exchange Vulnerability, North Korean APT Breached South Korean Presidential Staff, GoldPickaxe iOS Malware Captures Facial Recognition Data, and More.

Weekly Top 10 – 10.9.2023- Zombie Zoom Links, Indeed.com Redirect Vulnerability Abused, CISA Adds Windows and JetBrains to KEV Catalogue, BING AI Convinced to Reveal CAPTCHA

Weekly Top Ten Cybersecurity Stories – 1.13.2023

Multiple Vulnerabilities Discovered in Zoom Client

Threat Advisories

Weekly Top 10: 05.19.2025: Two 0-Day Exploits in Ivanti Endpoint Management Used in the Wild; Windows 10 Updates Cause Bootlocker Encryption; AI Vishing Campaign Impersonates Government Officials; and More.

Weekly Top 10: 05.12.2025: Critical Code Execution Flaw Patched in LangFlow; CISA Warns Threat Actors are Targeting Energy and Transportation Systems Sectors, Google Patches Zero-Click RCE Flaw on Android, and More.

Weekly Top 10: 05.05.2025: Using Trusted Protocols Against You: Gmail as a C2 Mechanism, Shadow Roles: AWS Defaults Can Open the Door to Service Takeover, Gremlin Stealer: New Stealer on Sale in Underground Forum, and More.

Weekly Top 10: 04.21.2025: ASUS AiCloud Authentication Bypass, CISA Warns of SonicWall SMA Being Actively Exploited, ‘Mustang Panda’ Employs Four New Attack Tools, and More.

Weekly Top 10: 04.14.2025: Exploitation of CLFS Zero-Day Leads to Ransomware Activity, Unraveling the U.S. Toll Road Smishing Scams, Shuckworm Targets Foreign Military Mission Based in Ukraine, and More.

Education

Protecting Microsoft Teams From Data Exfiltration – A Tactical DLP Rule

Anatomy of a Data Breach

OpenAI Cybersecurity Research

Breach Report: Healthcare

Analysis of GalComm Chrome Extension Malware