exploited

45,000 Exposed Jenkins Instances Found Amid Reports of In-the-Wild Exploitation

exploited, Jenkins, Vulnerabilities /

45,000 Exposed Jenkins Instances Found Amid Reports of In-the-Wild Exploitation 2024-01-31 at 14:40 By Eduard Kovacs Shadowserver Foundation has seen 45,000 Jenkins instances affected by CVE-2024-23897, which may already be exploited in attacks. The post 45,000 Exposed Jenkins Instances Found Amid Reports of In-the-Wild Exploitation appeared first on SecurityWeek. This article is an excerpt from […]

React to this headline:

Loading spinner

45,000 Exposed Jenkins Instances Found Amid Reports of In-the-Wild Exploitation Read More »

Hitron DVR Zero-Day Vulnerabilities Exploited by InfectedSlurs Botnet

botnet, exploited, Malware & Threats, Zero-Day /

Hitron DVR Zero-Day Vulnerabilities Exploited by InfectedSlurs Botnet 2024-01-31 at 12:32 By Ionut Arghire Akamai flags six zero-day vulnerabilities in Hitron DVRs exploited to ensnare devices in the InfectedSlurs botnet. The post Hitron DVR Zero-Day Vulnerabilities Exploited by InfectedSlurs Botnet appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

Hitron DVR Zero-Day Vulnerabilities Exploited by InfectedSlurs Botnet Read More »

Hackers Targeting Critical Atlassian Confluence Vulnerability Days After Disclosure

Atlassian, Confluence, exploited, Featured, Vulnerabilities, vulnerability /

Hackers Targeting Critical Atlassian Confluence Vulnerability Days After Disclosure 2024-01-22 at 18:16 By Eduard Kovacs The Atlassian Confluence vulnerability CVE-2023-22527 is being exploited in the wild just days after it was disclosed.  The post Hackers Targeting Critical Atlassian Confluence Vulnerability Days After Disclosure appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Hackers Targeting Critical Atlassian Confluence Vulnerability Days After Disclosure Read More »

Chinese Spies Exploited VMware vCenter Server Vulnerability Since 2021

China, China APT, exploited, Nation-State, VMWare, Vulnerabilities /

Chinese Spies Exploited VMware vCenter Server Vulnerability Since 2021 2024-01-22 at 13:16 By Ionut Arghire CVE-2023-34048, a vCenter Server vulnerability patched in October 2023, had been exploited as zero-day for a year and a half. The post Chinese Spies Exploited VMware vCenter Server Vulnerability Since 2021 appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Chinese Spies Exploited VMware vCenter Server Vulnerability Since 2021 Read More »

VMware vCenter Server Vulnerability Exploited in Wild 

exploited, Featured, VMWare, Vulnerabilities /

VMware vCenter Server Vulnerability Exploited in Wild  2024-01-19 at 13:16 By Eduard Kovacs VMware warns customers that CVE-2023-34048, a vCenter Server vulnerability patched in October 2023, is being exploited in the wild.  The post VMware vCenter Server Vulnerability Exploited in Wild  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

VMware vCenter Server Vulnerability Exploited in Wild  Read More »

Ivanti EPMM Vulnerability Targeted in Attacks as Exploitation of VPN Flaws Increases

exploited, Ivanti, Vulnerabilities /

Ivanti EPMM Vulnerability Targeted in Attacks as Exploitation of VPN Flaws Increases 2024-01-19 at 13:16 By Eduard Kovacs The number of Ivanti VPN appliances compromised through exploitation of recent flaws increases and another vulnerability is added to exploited list. The post Ivanti EPMM Vulnerability Targeted in Attacks as Exploitation of VPN Flaws Increases appeared first

React to this headline:

Loading spinner

Ivanti EPMM Vulnerability Targeted in Attacks as Exploitation of VPN Flaws Increases Read More »

Citrix Warns NetScaler ADC Customers of New Zero-Day Exploitation

Citrix, exploited, Vulnerabilities, Zero-Day /

Citrix Warns NetScaler ADC Customers of New Zero-Day Exploitation 2024-01-17 at 12:16 By Eduard Kovacs Citrix is aware of attacks exploiting two new NetScaler ADC and Gateway zero-day vulnerabilities tracked as CVE-2023-6548 and CVE-2023-6549. The post Citrix Warns NetScaler ADC Customers of New Zero-Day Exploitation appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Citrix Warns NetScaler ADC Customers of New Zero-Day Exploitation Read More »

Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins

exploited, Featured, Ivanti, Malware & Threats, Zero-Day /

Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins 2024-01-16 at 12:46 By Eduard Kovacs The recently disclosed Ivanti VPN zero-days have been exploited to hack at least 1,700 devices, including government, telecoms, defense, and tech. The post Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins Read More »

CISA Urges Patching of Exploited SharePoint Server Vulnerability

exploited, Malware & Threats, SharePoint /

CISA Urges Patching of Exploited SharePoint Server Vulnerability 2024-01-11 at 14:32 By Ionut Arghire CISA has added a critical Microsoft SharePoint Server flaw (CVE-2023-29357) to its Known Exploited Vulnerabilities catalog. The post CISA Urges Patching of Exploited SharePoint Server Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

CISA Urges Patching of Exploited SharePoint Server Vulnerability Read More »

CISA Warns of Apache Superset Vulnerability Exploitation

Apache, CISA KEV, exploited, Vulnerabilities /

CISA Warns of Apache Superset Vulnerability Exploitation 2024-01-09 at 20:02 By Ionut Arghire CISA has added a critical-severity Apache Superset flaw (CVE-2023-27524) to its Known Exploited Vulnerabilities catalog. The post CISA Warns of Apache Superset Vulnerability Exploitation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

CISA Warns of Apache Superset Vulnerability Exploitation Read More »

Critical Apache OFBiz Vulnerability in Attacker Crosshairs

Apache, exploited, Featured, Vulnerabilities /

Critical Apache OFBiz Vulnerability in Attacker Crosshairs 2023-12-29 at 13:17 By Eduard Kovacs Shadowserver sees possible in-the-wild exploitation of a critical Apache OFBiz vulnerability tracked as CVE-2023-49070. The post Critical Apache OFBiz Vulnerability in Attacker Crosshairs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this

React to this headline:

Loading spinner

Critical Apache OFBiz Vulnerability in Attacker Crosshairs Read More »

CISA Warns of FXC Router, QNAP NVR Vulnerabilities Exploited in the Wild

botnet, CISA, exploited, Malware & Threats, Mirai /

CISA Warns of FXC Router, QNAP NVR Vulnerabilities Exploited in the Wild 22/12/2023 at 14:46 By Eduard Kovacs CISA released ICS advisories for FXC router and QNAP NRV flaws and added them to its known exploited vulnerabilities catalog.  The post CISA Warns of FXC Router, QNAP NVR Vulnerabilities Exploited in the Wild appeared first on

React to this headline:

Loading spinner

CISA Warns of FXC Router, QNAP NVR Vulnerabilities Exploited in the Wild Read More »

Recent Apache Struts 2 Vulnerability in Attacker Crosshairs

Apache, exploited, Struts, Vulnerabilities /

Recent Apache Struts 2 Vulnerability in Attacker Crosshairs 15/12/2023 at 14:55 By Ionut Arghire Attackers are attempting to exploit a critical RCE flaw in Apache Struts 2 after researchers publish PoC code. The post Recent Apache Struts 2 Vulnerability in Attacker Crosshairs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Recent Apache Struts 2 Vulnerability in Attacker Crosshairs Read More »

Sophos Patches EOL Firewalls Against Exploited Vulnerability

exploited, Sophos, Vulnerabilities /

Sophos Patches EOL Firewalls Against Exploited Vulnerability 13/12/2023 at 13:46 By Ionut Arghire Sophos has patched EOL Firewall versions against a critical flaw exploited in the wild, after identifying a new exploit. The post Sophos Patches EOL Firewalls Against Exploited Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Sophos Patches EOL Firewalls Against Exploited Vulnerability Read More »

Exploitation of Recent Cisco IOS XE Vulnerabilities Spikes

Cisco, exploited, Vulnerabilities /

Exploitation of Recent Cisco IOS XE Vulnerabilities Spikes 06/12/2023 at 19:03 By Ionut Arghire The Shadowserver Foundation warns of an increase in the number of devices hacked via recent Cisco IOS XE vulnerabilities. The post Exploitation of Recent Cisco IOS XE Vulnerabilities Spikes appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Exploitation of Recent Cisco IOS XE Vulnerabilities Spikes Read More »

Qlik Sense Vulnerabilities Exploited in Ransomware Attacks

exploited, Featured, Qlik, Ransomware /

Qlik Sense Vulnerabilities Exploited in Ransomware Attacks 30/11/2023 at 17:46 By Eduard Kovacs Qlik Sense vulnerabilities CVE-2023-41266, CVE-2023-41265 and CVE-2023-48365 exploited for initial access in Cactus ransomware attacks.  The post Qlik Sense Vulnerabilities Exploited in Ransomware Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

Qlik Sense Vulnerabilities Exploited in Ransomware Attacks Read More »

Google Patches Seventh Chrome Zero-Day of 2023

Chrome, exploited, Featured, Vulnerabilities, Zero-Day /

Google Patches Seventh Chrome Zero-Day of 2023 29/11/2023 at 16:46 By Ionut Arghire The latest Chrome security update addresses the seventh exploited zero-day vulnerability documented in the browser in 2023. The post Google Patches Seventh Chrome Zero-Day of 2023 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

Google Patches Seventh Chrome Zero-Day of 2023 Read More »

Exploitation of Critical ownCloud Vulnerability Begins

exploited, Featured, Malware & Threats, ownCloud, Vulnerabilities /

Exploitation of Critical ownCloud Vulnerability Begins 28/11/2023 at 18:01 By Ionut Arghire Threat actors have started exploiting a critical ownCloud vulnerability leading to sensitive information disclosure. The post Exploitation of Critical ownCloud Vulnerability Begins appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this headline:

React to this headline:

Loading spinner

Exploitation of Critical ownCloud Vulnerability Begins Read More »

CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability

CISA KEV, exploited, Featured, Malware & Threats, Sophos /

CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability 17/11/2023 at 16:20 By Eduard Kovacs CISA adds Sophos, Oracle and Microsoft product security holes to its Known Exploited Vulnerabilities (KEV) catalog. The post CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability Read More »

Zimbra Zero-Day Exploited to Hack Government Emails

email security, exploited, Featured, Government, Malware & Threats, Zimbra /

Zimbra Zero-Day Exploited to Hack Government Emails 16/11/2023 at 19:46 By Eduard Kovacs Google says a Zimbra zero-day from earlier this year, CVE-2023-37580, was exploited in several campaigns to hack government emails. The post Zimbra Zero-Day Exploited to Hack Government Emails appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Zimbra Zero-Day Exploited to Hack Government Emails Read More »

Scroll to Top