exploited

CrushFTP Patches Exploited Zero-Day Vulnerability

CrushFTP, exploited, Vulnerabilities /

CrushFTP Patches Exploited Zero-Day Vulnerability 2024-04-22 at 16:32 By Ionut Arghire CrushFTP patches a zero-day vulnerability allowing unauthenticated attackers to escape the VFS and retrieve system files. The post CrushFTP Patches Exploited Zero-Day Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this headline:

React to this headline:

Loading spinner

CrushFTP Patches Exploited Zero-Day Vulnerability Read More »

Thousands of Palo Alto Firewalls Potentially Impacted by Exploited Vulnerability 

exploited, Malware & Threats, Palo Alto Networks /

Thousands of Palo Alto Firewalls Potentially Impacted by Exploited Vulnerability  2024-04-22 at 15:16 By Ionut Arghire Shadowserver has identified roughly 6,000 internet-accessible Palo Alto Networks firewalls potentially vulnerable to CVE-2024-3400. The post Thousands of Palo Alto Firewalls Potentially Impacted by Exploited Vulnerability  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Thousands of Palo Alto Firewalls Potentially Impacted by Exploited Vulnerability  Read More »

OpenMetadata Vulnerabilities Exploited to Abuse Kubernetes Clusters for Cryptomining  

exploited, Kubernetes, Malware & Threats, OpenMetadata /

OpenMetadata Vulnerabilities Exploited to Abuse Kubernetes Clusters for Cryptomining   2024-04-19 at 13:01 By Eduard Kovacs Microsoft warns that several OpenMetadata vulnerabilities are being exploited to deploy cryptomining malware to Kubernetes environments. The post OpenMetadata Vulnerabilities Exploited to Abuse Kubernetes Clusters for Cryptomining   appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

OpenMetadata Vulnerabilities Exploited to Abuse Kubernetes Clusters for Cryptomining   Read More »

Exploitation of Palo Alto Firewall Vulnerability Picking Up After PoC Release

exploited, Malware & Threats, Palo Alto Networks /

Exploitation of Palo Alto Firewall Vulnerability Picking Up After PoC Release 2024-04-17 at 14:31 By Eduard Kovacs Palo Alto Networks firewall vulnerability CVE-2024-3400 increasingly exploited after PoC code has been released.  The post Exploitation of Palo Alto Firewall Vulnerability Picking Up After PoC Release appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Exploitation of Palo Alto Firewall Vulnerability Picking Up After PoC Release Read More »

Palo Alto Networks Releases Fixes for Firewall Zero-Day as First Attribution Attempts Emerge

exploited, Featured, Malware & Threats, Nation-State, Palo Alto Networks, Zero-Day /

Palo Alto Networks Releases Fixes for Firewall Zero-Day as First Attribution Attempts Emerge 2024-04-15 at 14:00 By Eduard Kovacs Palo Alto Networks has started releasing hotfixes for the firewall zero-day CVE-2024-3400, which some have linked to North Korea’s Lazarus.  The post Palo Alto Networks Releases Fixes for Firewall Zero-Day as First Attribution Attempts Emerge appeared

React to this headline:

Loading spinner

Palo Alto Networks Releases Fixes for Firewall Zero-Day as First Attribution Attempts Emerge Read More »

State-Sponsored Hackers Exploit Zero-Day to Backdoor Palo Alto Networks Firewalls

exploited, firewall, Malware & Threats, Palo Alto Networks /

State-Sponsored Hackers Exploit Zero-Day to Backdoor Palo Alto Networks Firewalls 2024-04-12 at 23:46 By Ionut Arghire A state-sponsored threat actor has been exploiting a zero-day in Palo Alto Networks firewalls for the past two weeks. The post State-Sponsored Hackers Exploit Zero-Day to Backdoor Palo Alto Networks Firewalls appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

State-Sponsored Hackers Exploit Zero-Day to Backdoor Palo Alto Networks Firewalls Read More »

Exploitation of Unpatched D-Link NAS Device Vulnerabilities Soars

D-Link, exploited, IoT Security, Vulnerabilities /

Exploitation of Unpatched D-Link NAS Device Vulnerabilities Soars 2024-04-12 at 14:31 By Eduard Kovacs Second identifier, CVE-2024-3272, assigned to unpatched D-Link NAS device vulnerabilities, just as exploitation attempts soar.  The post Exploitation of Unpatched D-Link NAS Device Vulnerabilities Soars appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

Exploitation of Unpatched D-Link NAS Device Vulnerabilities Soars Read More »

Palo Alto Networks Warns of Exploited Firewall Vulnerability

exploited, Featured, firewall, Palo Alto Networks, Vulnerabilities /

Palo Alto Networks Warns of Exploited Firewall Vulnerability 2024-04-12 at 14:31 By Ionut Arghire Palo Alto Networks warns of limited exploitation of a critical command injection vulnerability leading to code execution on firewalls. The post Palo Alto Networks Warns of Exploited Firewall Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Palo Alto Networks Warns of Exploited Firewall Vulnerability Read More »

Microsoft Patches Two Zero-Days Exploited for Malware Delivery

exploited, Malware & Threats, Vulnerabilities, Zero-Day /

Microsoft Patches Two Zero-Days Exploited for Malware Delivery 2024-04-10 at 13:27 By Eduard Kovacs Microsoft patches CVE-2024-29988 and CVE-2024-26234, two zero-day vulnerabilities exploited by threat actors to deliver malware. The post Microsoft Patches Two Zero-Days Exploited for Malware Delivery appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

Microsoft Patches Two Zero-Days Exploited for Malware Delivery Read More »

Exploitation Attempts Target Unpatched Flaw Affecting Many D-Link NAS Devices

D-Link, exploited, Featured, IoT Security, NAS /

Exploitation Attempts Target Unpatched Flaw Affecting Many D-Link NAS Devices 2024-04-09 at 13:16 By Eduard Kovacs Unpatched D-Link NAS device vulnerability CVE-2024-3273, potentially affecting many devices, is being exploited in the wild. The post Exploitation Attempts Target Unpatched Flaw Affecting Many D-Link NAS Devices appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Exploitation Attempts Target Unpatched Flaw Affecting Many D-Link NAS Devices Read More »

Pixel Phone Zero-Days Exploited by Forensic Firms

exploited, Mobile & Wireless, Pixel /

Pixel Phone Zero-Days Exploited by Forensic Firms 2024-04-04 at 15:33 By Ionut Arghire Google this week patched two Pixel phone zero-day vulnerabilities actively exploited by forensic companies to obtain data from devices. The post Pixel Phone Zero-Days Exploited by Forensic Firms appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Pixel Phone Zero-Days Exploited by Forensic Firms Read More »

Google Patches Exploited Pixel Vulnerabilities

Android, exploited, Featured, Mobile & Wireless, Pixel /

Google Patches Exploited Pixel Vulnerabilities 2024-04-03 at 13:31 By Ionut Arghire Google patches 28 vulnerabilities in Android and 25 bugs in Pixel devices, including two flaws exploited in the wild. The post Google Patches Exploited Pixel Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

Google Patches Exploited Pixel Vulnerabilities Read More »

Ray AI Framework Vulnerability Exploited to Hack Hundreds of Clusters

AI, Artificial Intelligence, exploited, Featured, Malware & Threats /

Ray AI Framework Vulnerability Exploited to Hack Hundreds of Clusters 2024-03-27 at 15:01 By Ionut Arghire Disputed Ray AI framework vulnerability exploited to steal information and deploy cryptominers on hundreds of clusters. The post Ray AI Framework Vulnerability Exploited to Hack Hundreds of Clusters appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Ray AI Framework Vulnerability Exploited to Hack Hundreds of Clusters Read More »

CISA: Second SharePoint Flaw Disclosed at Pwn2Own Exploited in Attacks

CISA KEV, exploited, SharePoint, Vulnerabilities /

CISA: Second SharePoint Flaw Disclosed at Pwn2Own Exploited in Attacks 2024-03-27 at 12:46 By Eduard Kovacs CISA says a second SharePoint vulnerability demonstrated last year at Pwn2Own, CVE-2023-24955, has been exploited in the wild. The post CISA: Second SharePoint Flaw Disclosed at Pwn2Own Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

CISA: Second SharePoint Flaw Disclosed at Pwn2Own Exploited in Attacks Read More »

Recent Fortinet FortiClient EMS Vulnerability Exploited in Attacks

exploited, Featured, Fortinet, Ivanti, Vulnerabilities /

Recent Fortinet FortiClient EMS Vulnerability Exploited in Attacks 2024-03-26 at 12:46 By Eduard Kovacs CVE-2023-48788, a critical SQL injection vulnerability in Fortinet’s FortiClient EMS product, is being exploited in the wild. The post Recent Fortinet FortiClient EMS Vulnerability Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Recent Fortinet FortiClient EMS Vulnerability Exploited in Attacks Read More »

Aiohttp Vulnerability in Attacker Crosshairs

exploited, Vulnerabilities /

Aiohttp Vulnerability in Attacker Crosshairs 2024-03-19 at 12:23 By Eduard Kovacs A recently patched Aiohttp vulnerability tracked as CVE-2024-23334 is being targeted by threat actors, including by a ransomware group. The post Aiohttp Vulnerability in Attacker Crosshairs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

Aiohttp Vulnerability in Attacker Crosshairs Read More »

Exploited Building Access System Vulnerability Patched 5 Years After Disclosure

building, exploited, Featured, ICS/OT, IoT Security, vulnerability /

Exploited Building Access System Vulnerability Patched 5 Years After Disclosure 2024-03-12 at 13:18 By Eduard Kovacs Vulnerabilities affecting a Nice Linear physical access product, including an exploited flaw, patched five years after their disclosure. The post Exploited Building Access System Vulnerability Patched 5 Years After Disclosure appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Exploited Building Access System Vulnerability Patched 5 Years After Disclosure Read More »

Recent TeamCity Vulnerability Exploited in Ransomware Attacks

exploited, Malware & Threats, Ransomware, TeamCity /

Recent TeamCity Vulnerability Exploited in Ransomware Attacks 2024-03-11 at 17:46 By Eduard Kovacs Servers impacted by recently patched TeamCity vulnerability CVE-2024-27198 targeted in ransomware attacks and abused for DDoS. The post Recent TeamCity Vulnerability Exploited in Ransomware Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

Recent TeamCity Vulnerability Exploited in Ransomware Attacks Read More »

Possibly Exploited Fortinet Flaw Impacts Many Systems, but No Signs of Mass Attacks

exploited, Fortinet, Vulnerabilities /

Possibly Exploited Fortinet Flaw Impacts Many Systems, but No Signs of Mass Attacks 2024-03-11 at 16:01 By Eduard Kovacs 150,000 systems possibly impacted by the recent Fortinet vulnerability ​​CVE-2024-21762, but there is still no evidence of widespread exploitation.  The post Possibly Exploited Fortinet Flaw Impacts Many Systems, but No Signs of Mass Attacks appeared first

React to this headline:

Loading spinner

Possibly Exploited Fortinet Flaw Impacts Many Systems, but No Signs of Mass Attacks Read More »

Critical TeamCity Vulnerability Exploitation Started Immediately After Disclosure

exploited, Featured, Malware & Threats, TeamCity /

Critical TeamCity Vulnerability Exploitation Started Immediately After Disclosure 2024-03-07 at 13:36 By Eduard Kovacs Critical TeamCity authentication bypass vulnerability CVE-2024-27198 exploited in the wild after details were disclosed. The post Critical TeamCity Vulnerability Exploitation Started Immediately After Disclosure appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

Critical TeamCity Vulnerability Exploitation Started Immediately After Disclosure Read More »

Scroll to Top