CVE

Ransomware hits web hosting servers via vulnerable CyberPanel instances

CVE, Don't miss, Hot stuff, LeakIX, Linux, News, Ransomware, security update, vulnerability, web hosting /

Ransomware hits web hosting servers via vulnerable CyberPanel instances 2024-10-30 at 16:19 By Zeljka Zorz A threat actor – or possibly several – has hit approximately 22,000 vulnerable instances of CyberPanel and encrypted files on the servers running it with the PSAUX and other ransomware. The PSAUX ransom note (Source: LeakIX) The CyberPanel vulnerabilities CyberPanel […]

React to this headline:

Loading spinner

Ransomware hits web hosting servers via vulnerable CyberPanel instances Read More »

VMware fixes critical vCenter Server RCE bug – again! (CVE-2024-38812)

Broadcom, CVE, Don't miss, Hot stuff, News, security update, virtualization, VMWare, vulnerability /

VMware fixes critical vCenter Server RCE bug – again! (CVE-2024-38812) 2024-10-22 at 14:02 By Zeljka Zorz Broadcom has released new patches for previously fixed vulnerabilities (CVE-2024-38812, CVE-2024-38813) in vCenter Server, one of which hasn’t been fully addressed the first time and could allow attackers to achieve remote code execution. The vulnerabilities were privately reported by

React to this headline:

Loading spinner

VMware fixes critical vCenter Server RCE bug – again! (CVE-2024-38812) Read More »

Roundcube XSS flaw exploited to steal credentials, email (CVE-2024-37383)

CVE, Don't miss, exploit, Hot stuff, News, Positive Technologies, Roundcube, vulnerability /

Roundcube XSS flaw exploited to steal credentials, email (CVE-2024-37383) 2024-10-22 at 12:34 By Zeljka Zorz Attackers have exploited an XSS vulnerability (CVE-2024-37383) in the Roundcube Webmail client to target a governmental organization of a CIS country, Positive Technologies (PT) analysts have discovered. The vulnerability was patched in May 2024, in Roundcube Webmail versions 1.5.7 and

React to this headline:

Loading spinner

Roundcube XSS flaw exploited to steal credentials, email (CVE-2024-37383) Read More »

87,000+ Fortinet devices still open to attack, are yours among them? (CVE-2024-23113)

CVE, Don't miss, enterprise, Fortinet, FortiOS, Hot stuff, News, Shadowserver, vulnerability, WatchTowr /

87,000+ Fortinet devices still open to attack, are yours among them? (CVE-2024-23113) 2024-10-15 at 14:49 By Zeljka Zorz Last week, CISA added CVE-2024-23113 – a critical vulnerability that allows unauthenticated remote code/command execution on unpatched Fortinet FortiGate firewalls – to its Known Exploited Vulnerabilities catalog, thus confirming that it’s being leveraged by attackers in the

React to this headline:

Loading spinner

87,000+ Fortinet devices still open to attack, are yours among them? (CVE-2024-23113) Read More »

Actively exploited Firefox zero-day fixed, update ASAP! (CVE-2024-9680)

CVE, Don't miss, ESET, Firefox, Hot stuff, News, security update, Tor, vulnerability /

Actively exploited Firefox zero-day fixed, update ASAP! (CVE-2024-9680) 2024-10-10 at 15:31 By Zeljka Zorz Mozilla has pushed out an emergency update for its Firefox and Firefox ESR browsers to fix a vulnerability (CVE-2024-9680) that is being exploited in the wild. About CVE-2024-9680 Reported by ESET malware researcher Damien Schaeffer, CVE-2024-9680 is a use-after-free vulnerability in

React to this headline:

Loading spinner

Actively exploited Firefox zero-day fixed, update ASAP! (CVE-2024-9680) Read More »

Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572)

0-day, CVE, Don't miss, Hot stuff, Microsoft, NetSPI, News, Patch Tuesday, security update, Tenable, Trend Micro, vulnerability, Windows /

Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572) 2024-10-08 at 22:49 By Zeljka Zorz For October 2024 Patch Tuesday, Microsoft has released fixes for 117 security vulnerabilities, including two under active exploitation: CVE-2024-43573, a spoofing bug affecting the Windows MSHTML Platform, and CVE-2024-43572, a remote code execution flaw in the Microsoft Management Console

React to this headline:

Loading spinner

Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572) Read More »

Qualcomm zero-day under targeted exploitation (CVE-2024-43047)

chip, CVE, Don't miss, Google, Hot stuff, News, Qualcomm, vulnerability /

Qualcomm zero-day under targeted exploitation (CVE-2024-43047) 2024-10-08 at 15:31 By Zeljka Zorz An actively exploited zero-day vulnerability (CVE-2024-43047) affecting dozens of Qualcomm’s chipsets has been patched by the American semiconductor giant. About CVE-2024-43047 On Monday, Qualcomm has confirmed patches for 20 vulnerabilities affecting both proprietary and open source software running on its various chipsets. Among

React to this headline:

Loading spinner

Qualcomm zero-day under targeted exploitation (CVE-2024-43047) Read More »

Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519)

CVE, Don't miss, exploit, Hot stuff, News, PoC, ProjectDiscovery, Proofpoint, Synacor, vulnerability /

Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519) 2024-10-02 at 14:16 By Zeljka Zorz Attackers are actively exploiting CVE-2024-45519, a critical Zimbra vulnerability that allows them to execute arbitrary commands on vulnerable installations. Proofpoint’s threat researchers say that the attacks started on September 28 – several weeks after Zimbra developers released patches for CVE-2024-45519 and

React to this headline:

Loading spinner

Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519) Read More »

CUPS vulnerabilities affecting Linux, Unix systems can lead to RCE

CVE, Don't miss, Hot stuff, Linux, News, PoC, Rapid7, Red Hat, Tenable, vulnerability /

CUPS vulnerabilities affecting Linux, Unix systems can lead to RCE 2024-09-27 at 13:31 By Zeljka Zorz After much hyping and following prematurely leaked information by a third party, security researcher Simone Margaritelli has released details about four zero-day vulnerabilities in the Common UNIX Printing System (CUPS) that can be abused by remote, unauthenticated attackers to

React to this headline:

Loading spinner

CUPS vulnerabilities affecting Linux, Unix systems can lead to RCE Read More »

PoC for critical SolarWinds Web Help Desk vulnerability released (CVE-2024-28987)

CVE, Don't miss, education, enterprise, Government, Horizon3.ai, Hot stuff, MSP, News, PoC, SMBs, SolarWinds, vulnerability /

PoC for critical SolarWinds Web Help Desk vulnerability released (CVE-2024-28987) 2024-09-25 at 17:17 By Zeljka Zorz Details about and proof-of-concept (PoC) exploit code for CVE-2024-28987, a recently patched SolarWinds Web Help Desk (WHD) vulnerability that could be exploited by unauthenticated attackers to remotely read and modify all help desk ticket details, are now public. “When

React to this headline:

Loading spinner

PoC for critical SolarWinds Web Help Desk vulnerability released (CVE-2024-28987) Read More »

Ivanti vTM auth bypass flaw exploited in attacks, CISA warns (CVE-2024-7593)

CVE, Don't miss, enterprise, exploit, Hot stuff, Ivanti, News, PoC, vulnerability /

Ivanti vTM auth bypass flaw exploited in attacks, CISA warns (CVE-2024-7593) 2024-09-25 at 12:46 By Zeljka Zorz CVE-2024-7593, a critical authentication bypass vulnerability affecting Ivanti Virtual Traffic Manager (vTM) appliances, is actively exploited by attackers. The confirmation comes from the Cybersecurity and Infrastructure Security Agency (CISA), which added the flaw to its Known Exploited Vulnerabilities

React to this headline:

Loading spinner

Ivanti vTM auth bypass flaw exploited in attacks, CISA warns (CVE-2024-7593) Read More »

Patch this critical Safeguard for Privileged Passwords auth bypass flaw (CVE-2024-45488)

access management, AmberWolf, CVE, Don't miss, enterprise, Hot stuff, News, One Identity, vulnerability /

Patch this critical Safeguard for Privileged Passwords auth bypass flaw (CVE-2024-45488) 2024-09-19 at 15:31 By Zeljka Zorz Researchers have released technical details about CVE-2024-45488, a critical authentication bypass vulnerability affecting One Identity’s Safeguard for Privileged Passwords (SPP), which could allow attackers to gain full administrative access to the virtual appliance. “Once an attacker has gained

React to this headline:

Loading spinner

Patch this critical Safeguard for Privileged Passwords auth bypass flaw (CVE-2024-45488) Read More »

PoC exploit for exploited Ivanti Cloud Services Appliance flaw released (CVE-2024-8190)

CVE, Don't miss, enterprise, Horizon3.ai, Hot stuff, Ivanti, News, PoC, secure communications, vulnerability /

PoC exploit for exploited Ivanti Cloud Services Appliance flaw released (CVE-2024-8190) 2024-09-17 at 13:02 By Zeljka Zorz CVE-2024-8190, an OS command injection vulnerability in Ivanti Cloud Services Appliance (CSA) v4.6, is under active exploitation. Details about the attacks are still unknown, but there may be more in the near future: Horizon3.ai researchers have published their

React to this headline:

Loading spinner

PoC exploit for exploited Ivanti Cloud Services Appliance flaw released (CVE-2024-8190) Read More »

Microsoft confirms second 0-day exploited by Void Banshee APT (CVE-2024-43461)

0-day, APT, Check Point, CVE, Don't miss, Hot stuff, Microsoft, News, security update, Trend Micro, vulnerability, Windows /

Microsoft confirms second 0-day exploited by Void Banshee APT (CVE-2024-43461) 2024-09-16 at 15:46 By Zeljka Zorz CVE-2024-43461, a spoofing vulnerability affecting Windows MSHTML – a software component used by various apps for rendering render web pages on Windows – “was exploited as a part of an attack chain relating to CVE-2024-38112, prior to July 2024,”

React to this headline:

Loading spinner

Microsoft confirms second 0-day exploited by Void Banshee APT (CVE-2024-43461) Read More »

Ivanti fixes critical vulnerabilities in Endpoint Management (CVE-2024-29847)

CVE, Don't miss, endpoint management, Hot stuff, Ivanti, News, vulnerability /

Ivanti fixes critical vulnerabilities in Endpoint Management (CVE-2024-29847) 2024-09-11 at 15:02 By Zeljka Zorz Ivanti has fixed a slew of vulnerabilities affecting its Endpoint Manager solution, including a maximum severity one (CVE-2024-29847) that may allow unauthenticated attackers to remotely execute code in the context of the vulnerable system, and use it as a beachhead for

React to this headline:

Loading spinner

Ivanti fixes critical vulnerabilities in Endpoint Management (CVE-2024-29847) Read More »

Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes

0-day, CVE, Don't miss, Elastic, Hot stuff, Immersive Labs, News, Patch Tuesday, SharePoint, Tenable, Trend Micro, vulnerability, Windows /

Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes 2024-09-10 at 22:46 By Zeljka Zorz September 2024 Patch Tuesday is here and Microsoft has delivered 79 fixes, including those for a handful of zero-days (CVE-2024-38217, CVE-2024-38226, CVE-2024-38014, CVE-2024-43461) exploited by attackers in the wild, and a Windows 10 code defect

React to this headline:

Loading spinner

Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes Read More »

Zyxel fixes critical command injection flaw in EOL NAS devices (CVE-2024-6342)

CVE, Don't miss, firmware, Hot stuff, NAS, News, SMBs, vulnerability, Zyxel /

Zyxel fixes critical command injection flaw in EOL NAS devices (CVE-2024-6342) 2024-09-10 at 12:02 By Zeljka Zorz Users of Zyxel network-attached storage (NAS) devices are urged to implement hotfixes addressing a critical and easily exploited command injection vulnerability (CVE-2024-6342). About CVE-2024-6342 Zyxel NAS devices are generally used by small to medium-sized businesses (SMBs) for data

React to this headline:

Loading spinner

Zyxel fixes critical command injection flaw in EOL NAS devices (CVE-2024-6342) Read More »

Veeam Backup & Replication RCE flaw may soon be leveraged by ransomware gangs (CVE-2024-40711)

backup, Censys, Code White, CVE, Don't miss, enterprise, Hot stuff, News, Veeam Software, vulnerability, WatchTowr /

Veeam Backup & Replication RCE flaw may soon be leveraged by ransomware gangs (CVE-2024-40711) 2024-09-09 at 14:46 By Zeljka Zorz CVE-2024-40711, a critical vulnerability affecting Veeam Backup & Replication (VBR), could soon be exploited by attackers to steal enterprise data. Discovered and reported by Code WHite researcher Florian Hauser, the vulnerability can be leveraged for

React to this headline:

Loading spinner

Veeam Backup & Replication RCE flaw may soon be leveraged by ransomware gangs (CVE-2024-40711) Read More »

Apache OFBiz team patches critical RCE vulnerability (CVE-2024-45195)

Apache OFBiz, CVE, Don't miss, enterprise, Hot stuff, News, open source, Rapid7, vulnerability, web application /

Apache OFBiz team patches critical RCE vulnerability (CVE-2024-45195) 2024-09-06 at 13:02 By Zeljka Zorz For the fourth time in the last five months, Apache OFBiz users have been advised to upgrade their installations to fix a critical flaw (CVE-2024-45195) that could lead to unauthenticated remote code execution. About CVE-2024-45195 Apache OFBiz is an open-source suite

React to this headline:

Loading spinner

Apache OFBiz team patches critical RCE vulnerability (CVE-2024-45195) Read More »

APT group exploits WPS Office for Windows RCE vulnerability (CVE-2024-7262)

APT, CVE, cybercrime, Don't miss, ESET, exploit, Hot stuff, News, Windows /

APT group exploits WPS Office for Windows RCE vulnerability (CVE-2024-7262) 2024-08-28 at 12:02 By Help Net Security ESET researchers discovered a remote code execution vulnerability in WPS Office for Windows (CVE-2024-7262). APT-C-60, a South Korea-aligned cyberespionage group, was exploiting it to target East Asian countries. When examining the root cause, ESET discovered another way to

React to this headline:

Loading spinner

APT group exploits WPS Office for Windows RCE vulnerability (CVE-2024-7262) Read More »

Scroll to Top