-
Chinese state hackers use rootkit to hide ToneShell malware activity
A new sample of the ToneShell backdoor, typically seen in Chinese cyberespionage campaigns, has been delivered through a kernel-mode loader in attacks against government organizations.
- December 29, 2025
- 07:08 PM
0
-
CISA: High-severity Linux flaw now exploited by ransomware gangs
CISA confirmed on Thursday that a high-severity privilege escalation flaw in the Linux kernel is now being exploited in ransomware attacks.
- October 31, 2025
- 09:05 AM
4
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
Google fixes actively exploited Android flaws in September update
Google has released the September 2025 security update for Android devices, addressing a total of 84 vulnerabilities, including two actively exploited flaws.
- September 03, 2025
- 10:14 AM
- 0
-
ASUS Armoury Crate bug lets attackers get Windows admin privileges
A high-severity vulnerability in ASUS Armoury Crate software could allow threat actors to escalate their privileges to SYSTEM level on Windows machines.
- June 16, 2025
- 02:08 PM
- 3
-
CISA orders agencies to patch Linux kernel bug exploited in attacks
CISA has ordered federal agencies to secure their systems within three weeks against a high-severity Linux kernel flaw actively exploited in attacks.
- February 05, 2025
- 01:58 PM
- 0
-
Google fixes Android kernel zero-day exploited in attacks
The February 2025 Android security updates patch 48 vulnerabilities, including a zero-day kernel vulnerability that has been exploited in the wild.
- February 03, 2025
- 03:10 PM
- 0
-
Windows kernel bug now exploited in attacks to gain SYSTEM privileges
CISA has warned U.S. federal agencies to secure their systems against ongoing attacks targeting a high-severity Windows kernel vulnerability.
- December 16, 2024
- 02:50 PM
- 1
-
Researchers discover first UEFI bootkit malware for Linux
The first UEFI bootkit specifically targeting Linux systems has been discovered, marking a shift in stealthy and hard-to-remove bootkit threats that previously focused on Windows.
- November 27, 2024
- 12:37 PM
- 0
-
Google fixes Android kernel zero-day exploited in targeted attacks
Android security updates this month patch 46 vulnerabilities, including a high-severity remote code execution (RCE) exploited in targeted attacks.
- August 05, 2024
- 06:40 PM
- 1
-
Apple backports fix for zero-day exploited in attacks to older iPhones
Apple has backported security patches released in March to older iPhones and iPads, fixing an iOS zero-day tagged as exploited in attacks.
- May 13, 2024
- 05:47 PM
- 0
-
Windows Kernel bug fixed last month exploited as zero-day since August
Microsoft patched a high-severity Windows Kernel privilege escalation vulnerability in February, six months after being informed that the flaw was being exploited as a zero-day.
- March 02, 2024
- 10:09 AM
- 0
-
CISA warns of patched iPhone kernel bug now exploited in attacks
CISA warned today that a patched kernel security flaw affecting Apple iPhones, Macs, TVs, and watches is now being actively exploited in attacks.
- January 31, 2024
- 02:02 PM
- 0
-
Apple fixes iOS Kernel zero-day vulnerability on older iPhones
Apple has published security updates for older iPhones and iPads to backport patches released one week ago, addressing two zero-day vulnerabilities exploited in attacks.
- October 12, 2023
- 12:40 PM
- 0
-
Apple emergency update fixes new zero-day used to hack iPhones
Apple released new emergency security updates on Wednesday to patch two new zero-day vulnerabilities known to be exploited in attacks.
- October 04, 2023
- 02:19 PM
- 9
-
Microsoft enables Windows Kernel CVE-2023-32019 fix for everyone
Microsoft has enabled a fix for a Kernel information disclosure vulnerability by default for everyone after previously disabling it out of concerns it could introduce breaking changes to Windows.
- August 14, 2023
- 02:13 PM
- 3
-
Almost 40% of Ubuntu users vulnerable to new privilege elevation flaws
Two Linux vulnerabilities introduced recently into the Ubuntu kernel create the potential for unprivileged local users to gain elevated privileges on a massive number of devices.
- July 26, 2023
- 02:51 PM
- 0
-
Hackers exploit Windows policy to load malicious kernel drivers
Microsoft blocked code signing certificates predominantly used by Chinese hackers and developers to sign and load malicious kernel mode drivers on breached systems by exploiting a Windows policy loophole.
- July 11, 2023
- 01:00 PM
- 1
-
Microsoft: Windows Kernel CVE-2023-32019 fix is disabled by default
Microsoft has released an optional fix to address a Kernel information disclosure vulnerability affecting systems running multiple Windows versions, including the latest Windows 10, Windows Server, and Windows 11 releases.
- June 14, 2023
- 05:43 PM
- 4
-
Microsoft tests live kernel memory dumps in Windows 11 Task Manager
Microsoft is testing a new diagnostic tool in Windows 11 that lets you create live kernel memory dumps without disrupting the operation of Windows.
- January 12, 2023
- 04:59 PM
- 1
-
Microsoft-signed malicious Windows drivers used in ransomware attacks
Microsoft has revoked several Microsoft hardware developer accounts after drivers signed through their profiles were used in cyberattacks, including ransomware incidents.
- December 13, 2022
- 06:10 PM
- 1
4
