CVE

Critical Apache OFBiz pre-auth RCE flaw fixed, update ASAP! (CVE-2024-38856)

Apache OFBiz, CVE, Don't miss, enterprise, Hot stuff, News, open source, SonicWall, vulnerability /

Critical Apache OFBiz pre-auth RCE flaw fixed, update ASAP! (CVE-2024-38856) 2024-08-05 at 16:47 By Zeljka Zorz CVE-2024-38856, an incorrect authorization vulnerability affecting all but the latest version of Apache OFBiz, may be exploited by remote, unauthenticated attackers to execute arbitrary code on vulnerable systems. About CVE-2024-38856 Apache OFBiz is an open-source framework for enterprise resource […]

React to this headline:

Loading spinner

Critical Apache OFBiz pre-auth RCE flaw fixed, update ASAP! (CVE-2024-38856) Read More »

VMware ESXi auth bypass zero-day exploited by ransomware operators (CVE-2024-37085)

CVE, Don't miss, enterprise, Hot stuff, Microsoft, News, Ransomware, virtualization, VMWare, vulnerability /

VMware ESXi auth bypass zero-day exploited by ransomware operators (CVE-2024-37085) 2024-07-30 at 14:01 By Zeljka Zorz Ransomware operators have been leveraging CVE-2024-37085, an authentication bypass vulnerability affecting Active Directory domain-joined VMware ESXi hypervisors, to gain full administrative access to them and encrypt their file system. VMware owner Broadcom has released a fix for CVE-2024-37085 on

React to this headline:

Loading spinner

VMware ESXi auth bypass zero-day exploited by ransomware operators (CVE-2024-37085) Read More »

Critical Acronis Cyber Infrastructure vulnerability exploited in the wild (CVE-2023-45249)

Acronis, CVE, Don't miss, Hot stuff, MSP, News, storage, vulnerability /

Critical Acronis Cyber Infrastructure vulnerability exploited in the wild (CVE-2023-45249) 2024-07-29 at 15:46 By Zeljka Zorz CVE-2023-45249, a critical vulnerability affecting older versions of Acronis Cyber Infrastructure, is being exploited by attackers. About Acronis Cyber Infrastructure Acronis is a privately held Swiss cybersecurity and data protection technology company. Acronis Cyber Infrastructure (ACI) is an IT

React to this headline:

Loading spinner

Critical Acronis Cyber Infrastructure vulnerability exploited in the wild (CVE-2023-45249) Read More »

Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327)

Code White, CVE, Don't miss, enterprise, Hot stuff, News, Progress, vulnerability /

Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327) 2024-07-26 at 09:46 By Zeljka Zorz Progress Software has fixed a critical vulnerability (CVE-2024-6327) in its Telerik Report Server solution and is urging users to upgrade as soon as possible. About CVE-2024-6327 (and CVE-2024-6096) Telerik Report Server is an enterprise solution for storing,

React to this headline:

Loading spinner

Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327) Read More »

Docker fixes critical auth bypass flaw, again (CVE-2024-41110)

containers, CVE, Docker, Don't miss, Hot stuff, News, security update, virtualization, vulnerability /

Docker fixes critical auth bypass flaw, again (CVE-2024-41110) 2024-07-25 at 15:01 By Zeljka Zorz A critical-severity Docker Engine vulnerability (CVE-2024-41110) may be exploited by attackers to bypass authorization plugins (AuthZ) via specially crafted API request, allowing them to perform unauthorized actions, including privilege escalation. About CVE-2024-41110 CVE-2024-41110 is a vulnerability that can be exploited remotely,

React to this headline:

Loading spinner

Docker fixes critical auth bypass flaw, again (CVE-2024-41110) Read More »

Critical Splunk flaw can be exploited to grab passwords (CVE-2024-36991)

CVE, data analytics, Don't miss, enterprise, Hot stuff, News, security update, SonicWall, Splunk, vulnerability /

Critical Splunk flaw can be exploited to grab passwords (CVE-2024-36991) 2024-07-18 at 18:01 By Zeljka Zorz A recently fixed vulnerability (CVE-2024-36991) affecting Splunk Enterprise on Windows “is more severe than it initially appeared,” according to SonicWall’s threat researchers. Several PoC exploits have been published, including one by IT consultant Mohamed Nabil Ali that performs bulk

React to this headline:

Loading spinner

Critical Splunk flaw can be exploited to grab passwords (CVE-2024-36991) Read More »

Void Banshee APT exploited “lingering Windows relic” in zero-day attacks

APT, Check Point, CVE, Don't miss, Hot stuff, Internet Explorer, News, spear-phishing, Trend Micro, Windows /

Void Banshee APT exploited “lingering Windows relic” in zero-day attacks 2024-07-16 at 16:46 By Zeljka Zorz The zero-day exploit used to leverage CVE-2024-38112, a recently patched Windows MSHTML vulnerability, was wielded by an APT group dubbed Void Banshee to deliver malware to targets in North America, Europe, and Southeast Asia, threat hunters with Trend Micro’s

React to this headline:

Loading spinner

Void Banshee APT exploited “lingering Windows relic” in zero-day attacks Read More »

Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929)

Censys, CVE, Don't miss, email security, Exim, Hot stuff, Malware, News, vulnerability /

Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929) 2024-07-15 at 14:20 By Zeljka Zorz The maintainers of the Exim mail transfer agent (MTA) have fixed a critical vulnerability (CVE-2024-39929) that currently affects around 1.5 million public-facing servers and can help attackers deliver malware to users. About CVE-2024-39929 The vulnerability stems from a bug in RFC 2231

React to this headline:

Loading spinner

Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929) Read More »

Zero-day patched by Microsoft has been exploited by attackers for over a year (CVE-2024-38112)

0-day, Check Point, CVE, Don't miss, Hot stuff, Internet Explorer, Morphisec, MS Office, News, vulnerability /

Zero-day patched by Microsoft has been exploited by attackers for over a year (CVE-2024-38112) 2024-07-10 at 15:46 By Zeljka Zorz CVE-2024-38112, a spoofing vulnerability in Windows MSHTML Platform for which Microsoft has released a fix on Tuesday, has likely been exploited by attackers in the wild for over a year, Check Point researcher Haifei Li

React to this headline:

Loading spinner

Zero-day patched by Microsoft has been exploited by attackers for over a year (CVE-2024-38112) Read More »

Microsoft fixes two zero-days exploited by attackers (CVE-2024-38080, CVE-2024-38112)

0-day, Action1, Automox, CVE, Don't miss, Hot stuff, Microsoft, MS SQL Server, News, Patch Tuesday, security update, Trend Micro, virtualization, vulnerability, Windows /

Microsoft fixes two zero-days exploited by attackers (CVE-2024-38080, CVE-2024-38112) 2024-07-09 at 22:31 By Zeljka Zorz For July 2024 Patch Tuesday, Microsoft has released security updates and patches that fix 142 CVEs, including two exploited zero-days (CVE-2024-38080, CVE-2024-38112) in Windows Hyper-V and Windows MSHTML Platform (respectively). Zero-days exploited in the wild (CVE-2024-38080, CVE-2024-38112) CVE-2024-38080 is a

React to this headline:

Loading spinner

Microsoft fixes two zero-days exploited by attackers (CVE-2024-38080, CVE-2024-38112) Read More »

PoC exploit for critical Fortra FileCatalyst flaw published (CVE-2024-5276)

CVE, Don't miss, exploit, file-sharing, Fortra, Hot stuff, MFT, News, PoC, SQL injection, Tenable, vulnerability /

PoC exploit for critical Fortra FileCatalyst flaw published (CVE-2024-5276) 2024-06-27 at 12:31 By Zeljka Zorz A critical SQL injection vulnerability in Fortra FileCatalyst Workflow (CVE-2024-5276) has been patched; a PoC exploit is already available online. While there’s currently no reports of in-the-wild exploitation, enterprise admins are advised to patch their installations as soon as possible.

React to this headline:

Loading spinner

PoC exploit for critical Fortra FileCatalyst flaw published (CVE-2024-5276) Read More »

75% of new vulnerabilities exploited within 19 days

CVE, cybersecurity, News, report, Skybox Security, survey, vulnerability, vulnerability management /

75% of new vulnerabilities exploited within 19 days 2024-06-27 at 06:31 By Help Net Security Last year alone, over 30,000 new vulnerabilities were published, with a new vulnerability emerging approximately every 17 minutes — averaging 600 new vulnerabilities per week, according to Skybox Security. The report highlights a critical gap in remediation efforts, with the

React to this headline:

Loading spinner

75% of new vulnerabilities exploited within 19 days Read More »

Intel-powered computers affected by serious firmware flaw (CVE-2024-0762)

CVE, Don't miss, Eclypsium, firmware, hardware, Hot stuff, Intel, Lenovo, News, vulnerability /

Intel-powered computers affected by serious firmware flaw (CVE-2024-0762) 2024-06-21 at 14:31 By Zeljka Zorz A vulnerability (CVE-2024-0762) in the Phoenix SecureCore UEFI, which runs on various Intel processors, could be exploited locally to escalate privileges and run arbitrary code within the firmware during runtime. “This type of low-level exploitation is typical of firmware backdoors (e.g.,

React to this headline:

Loading spinner

Intel-powered computers affected by serious firmware flaw (CVE-2024-0762) Read More »

Critical RCE flaws in vCenter Server fixed (CVE-2024-37079, CVE-2024-37080)

cloud computing, CVE, Don't miss, enterprise, Hot stuff, News, virtualization, VMWare, vulnerability /

Critical RCE flaws in vCenter Server fixed (CVE-2024-37079, CVE-2024-37080) 2024-06-18 at 12:16 By Zeljka Zorz VMware by Broadcom has fixed two critical vulnerabilities (CVE-2024-37079, CVE-2024-37080) affecting VMware vCenter Server and products that contain it: vSphere and Cloud Foundation. “A malicious actor with network access to vCenter Server may trigger these vulnerabilities by sending a specially

React to this headline:

Loading spinner

Critical RCE flaws in vCenter Server fixed (CVE-2024-37079, CVE-2024-37080) Read More »

Mass exploitation is the new primary attack vector for ransomware

CVE, cybersecurity, exploit, News, report, survey, WithSecure /

Mass exploitation is the new primary attack vector for ransomware 2024-06-18 at 07:01 By Help Net Security The cyber threat landscape in 2023 and 2024 has been dominated by mass exploitation, according to WithSecure. Edge service KEV vulnerability trends 64% of all edge service and infrastructure Common Vulnerabilities and Exposures (CVEs) in the Known Exploited

React to this headline:

Loading spinner

Mass exploitation is the new primary attack vector for ransomware Read More »

PHP command injection flaw exploited to deliver ransomware (CVE-2024-4577)

CVE, Devcore, Don't miss, exploit, Hot stuff, Imperva, News, PHP, Ransomware, vulnerability, WatchTowr, Windows /

PHP command injection flaw exploited to deliver ransomware (CVE-2024-4577) 2024-06-13 at 15:01 By Zeljka Zorz An OS command injection vulnerability in Windows-based PHP (CVE-2024-4577) in CGI mode is being exploited by the TellYouThePass ransomware gang. Imperva says the attacks started on June 8, two days after the PHP development team pushed out fixes, and one

React to this headline:

Loading spinner

PHP command injection flaw exploited to deliver ransomware (CVE-2024-4577) Read More »

Microsoft fixes RCE vulnerabilities in MSMQ, Outlook (CVE-2024-30080, CVE-2024-30103)

Automox, CVE, Don't miss, Hot stuff, Microsoft, Morphisec, News, Outlook, Patch Tuesday, security update, Tenable, Trend Micro /

Microsoft fixes RCE vulnerabilities in MSMQ, Outlook (CVE-2024-30080, CVE-2024-30103) 2024-06-11 at 23:01 By Zeljka Zorz June 2024 Patch Tuesday is here and Microsoft has delivered fixes for a critical MSMQ flaw (CVE-2024-30080) and a RCE vulnerability in Microsoft Outlook (CVE-2024-30103). 49 CVE-numbered vulnerabilities have been fixed in total, none of which have been exploited in

React to this headline:

Loading spinner

Microsoft fixes RCE vulnerabilities in MSMQ, Outlook (CVE-2024-30080, CVE-2024-30103) Read More »

Users of JetBrains IDEs at risk of GitHub access token compromise (CVE-2024-37051)

Android, CVE, DevOps, Don't miss, Hot stuff, Java, JetBrains, Kotlin, News, software development, vulnerability /

Users of JetBrains IDEs at risk of GitHub access token compromise (CVE-2024-37051) 2024-06-11 at 15:46 By Zeljka Zorz JetBrains has fixed a critical vulnerability (CVE-2024-37051) that could expose users of its integrated development environments (IDEs) to GitHub access token compromise. About CVE-2024-37051 JetBrains offers IDEs for various programming languages. CVE-2024-37051 is a vulnerability in the

React to this headline:

Loading spinner

Users of JetBrains IDEs at risk of GitHub access token compromise (CVE-2024-37051) Read More »

SolarWinds fixes severe Serv-U vulnerability (CVE-2024-28995)

CVE, Don't miss, enterprise, file-sharing, Hot stuff, News, SolarWinds, vulnerability /

SolarWinds fixes severe Serv-U vulnerability (CVE-2024-28995) 2024-06-07 at 20:01 By Zeljka Zorz SolarWinds has fixed a high-severity vulnerability (CVE-2024-28995) affecting its Serv-U managed file transfer (MFT) server solution, which could be exploited by unauthenticated attackers to access sensitive files on the host machine. About CVE-2024-28995 Serv-U MFT Server is a widely used enterprise solution that

React to this headline:

Loading spinner

SolarWinds fixes severe Serv-U vulnerability (CVE-2024-28995) Read More »

Zyxel patches critical flaws in EOL NAS devices

CVE, Don't miss, Hot stuff, NAS, News, Outpost24, patch, PoC, vulnerability, Zyxel /

Zyxel patches critical flaws in EOL NAS devices 2024-06-06 at 14:46 By Zeljka Zorz Zyxel has released patches for three critical vulnerabilities (CVE-2024-29972, CVE-2024-29973, and CVE-2024-29974) affecting two network-attached storage (NAS) devices that have recently reached end-of-vulnerability-support. About the vulnerabilities The three vulnerabilities are: A command injection vulnerability in the CGI program that could allow

React to this headline:

Loading spinner

Zyxel patches critical flaws in EOL NAS devices Read More »

Scroll to Top