exploited

Chinese Spies Exploited VMware vCenter Server Vulnerability Since 2021

Chinese Spies Exploited VMware vCenter Server Vulnerability Since 2021 2024-01-22 at 13:16 By Ionut Arghire CVE-2023-34048, a vCenter Server vulnerability patched in October 2023, had been exploited as zero-day for a year and a half. The post Chinese Spies Exploited VMware vCenter Server Vulnerability Since 2021 appeared first on SecurityWeek. This article is an excerpt […]

Chinese Spies Exploited VMware vCenter Server Vulnerability Since 2021 Read More »

VMware vCenter Server Vulnerability Exploited in Wild 

VMware vCenter Server Vulnerability Exploited in Wild  2024-01-19 at 13:16 By Eduard Kovacs VMware warns customers that CVE-2023-34048, a vCenter Server vulnerability patched in October 2023, is being exploited in the wild.  The post VMware vCenter Server Vulnerability Exploited in Wild  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

VMware vCenter Server Vulnerability Exploited in Wild  Read More »

Ivanti EPMM Vulnerability Targeted in Attacks as Exploitation of VPN Flaws Increases

Ivanti EPMM Vulnerability Targeted in Attacks as Exploitation of VPN Flaws Increases 2024-01-19 at 13:16 By Eduard Kovacs The number of Ivanti VPN appliances compromised through exploitation of recent flaws increases and another vulnerability is added to exploited list. The post Ivanti EPMM Vulnerability Targeted in Attacks as Exploitation of VPN Flaws Increases appeared first

Ivanti EPMM Vulnerability Targeted in Attacks as Exploitation of VPN Flaws Increases Read More »

Citrix Warns NetScaler ADC Customers of New Zero-Day Exploitation

Citrix Warns NetScaler ADC Customers of New Zero-Day Exploitation 2024-01-17 at 12:16 By Eduard Kovacs Citrix is aware of attacks exploiting two new NetScaler ADC and Gateway zero-day vulnerabilities tracked as CVE-2023-6548 and CVE-2023-6549. The post Citrix Warns NetScaler ADC Customers of New Zero-Day Exploitation appeared first on SecurityWeek. This article is an excerpt from

Citrix Warns NetScaler ADC Customers of New Zero-Day Exploitation Read More »

Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins

Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins 2024-01-16 at 12:46 By Eduard Kovacs The recently disclosed Ivanti VPN zero-days have been exploited to hack at least 1,700 devices, including government, telecoms, defense, and tech. The post Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins appeared first on SecurityWeek. This article

Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins Read More »

CISA Urges Patching of Exploited SharePoint Server Vulnerability

CISA Urges Patching of Exploited SharePoint Server Vulnerability 2024-01-11 at 14:32 By Ionut Arghire CISA has added a critical Microsoft SharePoint Server flaw (CVE-2023-29357) to its Known Exploited Vulnerabilities catalog. The post CISA Urges Patching of Exploited SharePoint Server Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

CISA Urges Patching of Exploited SharePoint Server Vulnerability Read More »

CISA Warns of Apache Superset Vulnerability Exploitation

CISA Warns of Apache Superset Vulnerability Exploitation 2024-01-09 at 20:02 By Ionut Arghire CISA has added a critical-severity Apache Superset flaw (CVE-2023-27524) to its Known Exploited Vulnerabilities catalog. The post CISA Warns of Apache Superset Vulnerability Exploitation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

CISA Warns of Apache Superset Vulnerability Exploitation Read More »

Critical Apache OFBiz Vulnerability in Attacker Crosshairs

Critical Apache OFBiz Vulnerability in Attacker Crosshairs 2023-12-29 at 13:17 By Eduard Kovacs Shadowserver sees possible in-the-wild exploitation of a critical Apache OFBiz vulnerability tracked as CVE-2023-49070. The post Critical Apache OFBiz Vulnerability in Attacker Crosshairs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

Critical Apache OFBiz Vulnerability in Attacker Crosshairs Read More »

CISA Warns of FXC Router, QNAP NVR Vulnerabilities Exploited in the Wild

CISA Warns of FXC Router, QNAP NVR Vulnerabilities Exploited in the Wild 22/12/2023 at 14:46 By Eduard Kovacs CISA released ICS advisories for FXC router and QNAP NRV flaws and added them to its known exploited vulnerabilities catalog.  The post CISA Warns of FXC Router, QNAP NVR Vulnerabilities Exploited in the Wild appeared first on

CISA Warns of FXC Router, QNAP NVR Vulnerabilities Exploited in the Wild Read More »

Recent Apache Struts 2 Vulnerability in Attacker Crosshairs

Recent Apache Struts 2 Vulnerability in Attacker Crosshairs 15/12/2023 at 14:55 By Ionut Arghire Attackers are attempting to exploit a critical RCE flaw in Apache Struts 2 after researchers publish PoC code. The post Recent Apache Struts 2 Vulnerability in Attacker Crosshairs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

Recent Apache Struts 2 Vulnerability in Attacker Crosshairs Read More »

Sophos Patches EOL Firewalls Against Exploited Vulnerability

Sophos Patches EOL Firewalls Against Exploited Vulnerability 13/12/2023 at 13:46 By Ionut Arghire Sophos has patched EOL Firewall versions against a critical flaw exploited in the wild, after identifying a new exploit. The post Sophos Patches EOL Firewalls Against Exploited Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

Sophos Patches EOL Firewalls Against Exploited Vulnerability Read More »

Exploitation of Recent Cisco IOS XE Vulnerabilities Spikes

Exploitation of Recent Cisco IOS XE Vulnerabilities Spikes 06/12/2023 at 19:03 By Ionut Arghire The Shadowserver Foundation warns of an increase in the number of devices hacked via recent Cisco IOS XE vulnerabilities. The post Exploitation of Recent Cisco IOS XE Vulnerabilities Spikes appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

Exploitation of Recent Cisco IOS XE Vulnerabilities Spikes Read More »

Qlik Sense Vulnerabilities Exploited in Ransomware Attacks

Qlik Sense Vulnerabilities Exploited in Ransomware Attacks 30/11/2023 at 17:46 By Eduard Kovacs Qlik Sense vulnerabilities CVE-2023-41266, CVE-2023-41265 and CVE-2023-48365 exploited for initial access in Cactus ransomware attacks.  The post Qlik Sense Vulnerabilities Exploited in Ransomware Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

Qlik Sense Vulnerabilities Exploited in Ransomware Attacks Read More »

Google Patches Seventh Chrome Zero-Day of 2023

Google Patches Seventh Chrome Zero-Day of 2023 29/11/2023 at 16:46 By Ionut Arghire The latest Chrome security update addresses the seventh exploited zero-day vulnerability documented in the browser in 2023. The post Google Patches Seventh Chrome Zero-Day of 2023 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

Google Patches Seventh Chrome Zero-Day of 2023 Read More »

Exploitation of Critical ownCloud Vulnerability Begins

Exploitation of Critical ownCloud Vulnerability Begins 28/11/2023 at 18:01 By Ionut Arghire Threat actors have started exploiting a critical ownCloud vulnerability leading to sensitive information disclosure. The post Exploitation of Critical ownCloud Vulnerability Begins appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

Exploitation of Critical ownCloud Vulnerability Begins Read More »

CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability

CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability 17/11/2023 at 16:20 By Eduard Kovacs CISA adds Sophos, Oracle and Microsoft product security holes to its Known Exploited Vulnerabilities (KEV) catalog. The post CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability Read More »

Zimbra Zero-Day Exploited to Hack Government Emails

Zimbra Zero-Day Exploited to Hack Government Emails 16/11/2023 at 19:46 By Eduard Kovacs Google says a Zimbra zero-day from earlier this year, CVE-2023-37580, was exploited in several campaigns to hack government emails. The post Zimbra Zero-Day Exploited to Hack Government Emails appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

Zimbra Zero-Day Exploited to Hack Government Emails Read More »

CISA Says SLP Vulnerability Allowing Amplified DoS Attacks Exploited in the Wild

CISA Says SLP Vulnerability Allowing Amplified DoS Attacks Exploited in the Wild 09/11/2023 at 13:32 By Ionut Arghire CISA says an SLP vulnerability allowing for a DoS amplification factor of 2,000 is being exploited in attacks. The post CISA Says SLP Vulnerability Allowing Amplified DoS Attacks Exploited in the Wild appeared first on SecurityWeek. This

CISA Says SLP Vulnerability Allowing Amplified DoS Attacks Exploited in the Wild Read More »

SysAid Zero-Day Vulnerability Exploited by Ransomware Group

SysAid Zero-Day Vulnerability Exploited by Ransomware Group 09/11/2023 at 13:32 By Eduard Kovacs CVE-2023-47246 zero-day vulnerability in SysAid IT service management software has been exploited by Cl0p ransomware affiliates. The post SysAid Zero-Day Vulnerability Exploited by Ransomware Group appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

SysAid Zero-Day Vulnerability Exploited by Ransomware Group Read More »

‘Looney Tunables’ Glibc Vulnerability Exploited in Cloud Attacks 

‘Looney Tunables’ Glibc Vulnerability Exploited in Cloud Attacks  06/11/2023 at 17:06 By Eduard Kovacs Glibc vulnerability affecting major Linux distributions and tracked as Looney Tunables exploited in cloud attacks by Kinsing group.  The post ‘Looney Tunables’ Glibc Vulnerability Exploited in Cloud Attacks  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

‘Looney Tunables’ Glibc Vulnerability Exploited in Cloud Attacks  Read More »

Scroll to Top