Known Exploited Vulnerabilities and counting....

A known exploited vulnerability (KEV) refers to a software vulnerability that is being actively exploited by cybercriminals or threat actors. When a vulnerability becomes known to be exploited in the wild, it signals that the vulnerability poses a significant and imminent risk to organizations.

Woman Looking at Computer Screen

CVEs form a database of known security vulnerabilities that are actively tracked and managed by a group of organizations, such as the U.S. National Cyber Security Alliance. CVEs are an important tool for network security management because they not only provide an inventory of existing vulnerabilities, but also provide information about how the vulnerability can be exploited and instructions on how to protect against it.

Search Known Exploits

Search for CVEs by vendor to identify known exploited vulnerabilities in your environment

Loading vendors...

Upcoming Patch Due Dates

via Binding Operational Directive 22-01

(BOD) 22-01 is a directive issued by the Cybersecurity and Infrastructure Security Agency (CISA) in the United States to federal agencies and federal contractors in order to improve their cybersecurity practices. It provides a set of guidelines and requirements that these agencies and contractors must follow to increase their defenses against cyber threats.

Loading...

News Logo

Cyber Security News

You may have missed...

đź“Ś Pinned

*

https:betanews.comMar 5

Inside a cyberattack: How hackers steal data

The truth about cybersecurity is that it's almost impossible to keep hackers outside of an organization, particularly as the cybercrime industry ...

Read more →
https://techcrunch.comMar 27

Iranian hackers claim breach of FBI director Kash Patel's personal email account

Handala, a pro-Iranian hacking group allegedly working for Iran's government, published over 300 emails and photos from FBI Director Kash Patel's pers...

Read more →
https://hackread.comMar 31

Dark Web Market Lists Alleged 375TB Lockheed Martin Data for $600M - Hackread

A hacker is selling hacked database of BitcoinTalk.org, a Bitcoin forum ... Hacking News with full-scale reviews on Crypto and Technology trends.

Read more →
https://www.wiu.eduMar 31

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

The popular HTTP client Axios suffered a supply chain attack after malicious versions of the npm package introduced a malicious dependency delivering ...

Read more →
https://thehackernews.comMar 31

Russian CTRL Toolkit Delivered via Malicious LNK Files Hijacks RDP via FRP Tunnels

Cybersecurity researchers have discovered a remote access toolkit of Russian-origin that's distributed via malicious Windows shortcut (LNK) files ...

Read more →
https://thehackernews.comMar 31

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

In switching the package manifests, the idea is to avoid raising any red flags during post-infection inspection of the package. Cybersecurity. " ...

Read more →
https://www.forbes.comMar 30

FBI Confirms $10 Million Reward After Iran Hacks Kash Patel's Gmail - Forbes

Who Are the Iran-Linked Handala Gmail Hackers? Researchers from the Sophos Counter Threat Unit have confirmed that the Handala Hack Team is an Iran- ....

Read more →
https://research.checkpoint.comMar 30

ChatGPT Data Leakage via a Hidden Outbound Channel in the Code Execution Runtime

Check Point Research discovered that sensitive data shared with ChatGPT could be silently exfiltrated through a hidden DNS communication path without ...

Read more →
https://censys.comMar 27

Under CTRL: Dissecting a Previously Undocumented Russian .Net Access Framework

Censys discovered CTRL, a previously undocumented Russian .NET remote access toolkit that provides encrypted payload loading, credential harvesting, k...

Read more →

Updated daily

TOP SITES

Cyber_Comply © 2021-25