exploited

Aiohttp Vulnerability in Attacker Crosshairs

exploited, Vulnerabilities /

Aiohttp Vulnerability in Attacker Crosshairs 2024-03-19 at 12:23 By Eduard Kovacs A recently patched Aiohttp vulnerability tracked as CVE-2024-23334 is being targeted by threat actors, including by a ransomware group. The post Aiohttp Vulnerability in Attacker Crosshairs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to […]

React to this headline:

Loading spinner

Aiohttp Vulnerability in Attacker Crosshairs Read More »

Exploited Building Access System Vulnerability Patched 5 Years After Disclosure

building, exploited, Featured, ICS/OT, IoT Security, vulnerability /

Exploited Building Access System Vulnerability Patched 5 Years After Disclosure 2024-03-12 at 13:18 By Eduard Kovacs Vulnerabilities affecting a Nice Linear physical access product, including an exploited flaw, patched five years after their disclosure. The post Exploited Building Access System Vulnerability Patched 5 Years After Disclosure appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Exploited Building Access System Vulnerability Patched 5 Years After Disclosure Read More »

Recent TeamCity Vulnerability Exploited in Ransomware Attacks

exploited, Malware & Threats, Ransomware, TeamCity /

Recent TeamCity Vulnerability Exploited in Ransomware Attacks 2024-03-11 at 17:46 By Eduard Kovacs Servers impacted by recently patched TeamCity vulnerability CVE-2024-27198 targeted in ransomware attacks and abused for DDoS. The post Recent TeamCity Vulnerability Exploited in Ransomware Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

Recent TeamCity Vulnerability Exploited in Ransomware Attacks Read More »

Possibly Exploited Fortinet Flaw Impacts Many Systems, but No Signs of Mass Attacks

exploited, Fortinet, Vulnerabilities /

Possibly Exploited Fortinet Flaw Impacts Many Systems, but No Signs of Mass Attacks 2024-03-11 at 16:01 By Eduard Kovacs 150,000 systems possibly impacted by the recent Fortinet vulnerability ​​CVE-2024-21762, but there is still no evidence of widespread exploitation.  The post Possibly Exploited Fortinet Flaw Impacts Many Systems, but No Signs of Mass Attacks appeared first

React to this headline:

Loading spinner

Possibly Exploited Fortinet Flaw Impacts Many Systems, but No Signs of Mass Attacks Read More »

Critical TeamCity Vulnerability Exploitation Started Immediately After Disclosure

exploited, Featured, Malware & Threats, TeamCity /

Critical TeamCity Vulnerability Exploitation Started Immediately After Disclosure 2024-03-07 at 13:36 By Eduard Kovacs Critical TeamCity authentication bypass vulnerability CVE-2024-27198 exploited in the wild after details were disclosed. The post Critical TeamCity Vulnerability Exploitation Started Immediately After Disclosure appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

Critical TeamCity Vulnerability Exploitation Started Immediately After Disclosure Read More »

CISA Warns of Pixel Phone Vulnerability Exploitation

Android, CISA KEV, exploited, Pixel, Vulnerabilities /

CISA Warns of Pixel Phone Vulnerability Exploitation 2024-03-06 at 14:07 By Eduard Kovacs CISA adds Pixel Android phone (CVE-2023-21237) and Sunhillo SureLine (CVE-2021-36380) flaws to its known exploited vulnerabilities catalog.  The post CISA Warns of Pixel Phone Vulnerability Exploitation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

CISA Warns of Pixel Phone Vulnerability Exploitation Read More »

CISA Warns of Windows Streaming Service Vulnerability Exploitation

exploited, Featured, Vulnerabilities, Windows /

CISA Warns of Windows Streaming Service Vulnerability Exploitation 2024-03-01 at 16:01 By Ionut Arghire CISA says a high-severity elevation of privilege vulnerability in Microsoft Streaming Service is actively exploited in the wild. The post CISA Warns of Windows Streaming Service Vulnerability Exploitation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

CISA Warns of Windows Streaming Service Vulnerability Exploitation Read More »

Windows Zero-Day Exploited by North Korean Hackers in Rootkit Attack

CVE-2024-21338, exploited, Featured, Lazarus, Malware & Threats, North Korea, Vulnerabilities, Windows, Zero-Day /

Windows Zero-Day Exploited by North Korean Hackers in Rootkit Attack 2024-02-29 at 13:46 By Eduard Kovacs North Korean group Lazarus exploited AppLocker driver zero-day CVE-2024-21338 for privilege escalation in attacks involving FudModule rootkit. The post Windows Zero-Day Exploited by North Korean Hackers in Rootkit Attack appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Windows Zero-Day Exploited by North Korean Hackers in Rootkit Attack Read More »

Recent Zero-Day Could Impact Up to 97,000 Microsoft Exchange Servers

Exchange, exploited, Vulnerabilities, Zero-Day /

Recent Zero-Day Could Impact Up to 97,000 Microsoft Exchange Servers 2024-02-20 at 17:02 By Ionut Arghire Shadowserver Foundation has identified roughly 28,000 Microsoft Exchange servers impacted by a recent zero-day. The post Recent Zero-Day Could Impact Up to 97,000 Microsoft Exchange Servers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Recent Zero-Day Could Impact Up to 97,000 Microsoft Exchange Servers Read More »

Websites Hacked via Vulnerability in Bricks Builder WordPress Plugin

exploited, Vulnerabilities, WordPress /

Websites Hacked via Vulnerability in Bricks Builder WordPress Plugin 2024-02-20 at 16:16 By Ionut Arghire Attackers are exploiting a recent remote code execution flaw in the Bricks Builder WordPress plugin to deploy malware. The post Websites Hacked via Vulnerability in Bricks Builder WordPress Plugin appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Websites Hacked via Vulnerability in Bricks Builder WordPress Plugin Read More »

CISA Urges Patching of Cisco ASA Flaw Exploited in Ransomware Attacks

CISA KEV, Cisco, exploited, Vulnerabilities /

CISA Urges Patching of Cisco ASA Flaw Exploited in Ransomware Attacks 2024-02-16 at 14:02 By Eduard Kovacs CISA has added CVE-2020-3259, an old Cisco ASA vulnerability exploited by ransomware, to its KEV catalog.  The post CISA Urges Patching of Cisco ASA Flaw Exploited in Ransomware Attacks appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

CISA Urges Patching of Cisco ASA Flaw Exploited in Ransomware Attacks Read More »

Microsoft Warns of Exploited Exchange Server Zero-Day

Exchange, exploited, Microsoft Outlook, Vulnerabilities, Zero-Day /

Microsoft Warns of Exploited Exchange Server Zero-Day 2024-02-15 at 13:46 By Ionut Arghire Microsoft says a newly patched Exchange Server vulnerability (CVE-2024-21410) has been exploited in attacks. The post Microsoft Warns of Exploited Exchange Server Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this

React to this headline:

Loading spinner

Microsoft Warns of Exploited Exchange Server Zero-Day Read More »

Ivanti Vulnerability Exploited to Deliver New ‘DSLog’ Backdoor

backdoor, exploited, Ivanti, Malware & Threats /

Ivanti Vulnerability Exploited to Deliver New ‘DSLog’ Backdoor 2024-02-13 at 15:31 By Ionut Arghire Backdoor deployed using recent Ivanti VPN vulnerability enables command execution, web request and system log theft. The post Ivanti Vulnerability Exploited to Deliver New ‘DSLog’ Backdoor appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

Ivanti Vulnerability Exploited to Deliver New ‘DSLog’ Backdoor Read More »

CISA Warns of Roundcube Webmail Vulnerability Exploitation

CISA, CISA KEV, email security, exploited, Roundcube, Vulnerabilities /

CISA Warns of Roundcube Webmail Vulnerability Exploitation 2024-02-13 at 13:31 By Eduard Kovacs CISA has added the Roundcube flaw tracked as CVE-2023-43770 to its known exploited vulnerabilities catalog. The post CISA Warns of Roundcube Webmail Vulnerability Exploitation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

CISA Warns of Roundcube Webmail Vulnerability Exploitation Read More »

Exploitation of Another Ivanti VPN Vulnerability Observed

exploited, Featured, Ivanti, PoC, Vulnerabilities /

Exploitation of Another Ivanti VPN Vulnerability Observed 2024-02-12 at 13:01 By Ionut Arghire Organizations urged to hunt for potential compromise as exploitation of a recent Ivanti enterprise VPN vulnerability begins. The post Exploitation of Another Ivanti VPN Vulnerability Observed appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

Exploitation of Another Ivanti VPN Vulnerability Observed Read More »

Fortinet Warns of New FortiOS Zero-Day

exploited, Featured, Fortinet, Vulnerabilities, Zero-Day /

Fortinet Warns of New FortiOS Zero-Day 2024-02-09 at 13:46 By Eduard Kovacs Fortinet patches CVE-2024-21762, a critical remote code execution vulnerability that may have been exploited in the wild. The post Fortinet Warns of New FortiOS Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

Fortinet Warns of New FortiOS Zero-Day Read More »

45,000 Exposed Jenkins Instances Found Amid Reports of In-the-Wild Exploitation

exploited, Jenkins, Vulnerabilities /

45,000 Exposed Jenkins Instances Found Amid Reports of In-the-Wild Exploitation 2024-01-31 at 14:40 By Eduard Kovacs Shadowserver Foundation has seen 45,000 Jenkins instances affected by CVE-2024-23897, which may already be exploited in attacks. The post 45,000 Exposed Jenkins Instances Found Amid Reports of In-the-Wild Exploitation appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

45,000 Exposed Jenkins Instances Found Amid Reports of In-the-Wild Exploitation Read More »

Hitron DVR Zero-Day Vulnerabilities Exploited by InfectedSlurs Botnet

botnet, exploited, Malware & Threats, Zero-Day /

Hitron DVR Zero-Day Vulnerabilities Exploited by InfectedSlurs Botnet 2024-01-31 at 12:32 By Ionut Arghire Akamai flags six zero-day vulnerabilities in Hitron DVRs exploited to ensnare devices in the InfectedSlurs botnet. The post Hitron DVR Zero-Day Vulnerabilities Exploited by InfectedSlurs Botnet appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

Hitron DVR Zero-Day Vulnerabilities Exploited by InfectedSlurs Botnet Read More »

Hackers Targeting Critical Atlassian Confluence Vulnerability Days After Disclosure

Atlassian, Confluence, exploited, Featured, Vulnerabilities, vulnerability /

Hackers Targeting Critical Atlassian Confluence Vulnerability Days After Disclosure 2024-01-22 at 18:16 By Eduard Kovacs The Atlassian Confluence vulnerability CVE-2023-22527 is being exploited in the wild just days after it was disclosed.  The post Hackers Targeting Critical Atlassian Confluence Vulnerability Days After Disclosure appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Hackers Targeting Critical Atlassian Confluence Vulnerability Days After Disclosure Read More »

Chinese Spies Exploited VMware vCenter Server Vulnerability Since 2021

China, China APT, exploited, Nation-State, VMWare, Vulnerabilities /

Chinese Spies Exploited VMware vCenter Server Vulnerability Since 2021 2024-01-22 at 13:16 By Ionut Arghire CVE-2023-34048, a vCenter Server vulnerability patched in October 2023, had been exploited as zero-day for a year and a half. The post Chinese Spies Exploited VMware vCenter Server Vulnerability Since 2021 appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Chinese Spies Exploited VMware vCenter Server Vulnerability Since 2021 Read More »

Scroll to Top