Vulnerabilities 1,400 GitLab Servers Impacted by Exploited Vulnerability CISA says a critical GitLab password reset flaw is being exploited in attacks and roughly 1,400 servers have not been patched. Ionut Arghire3 days ago
Incident Response Palo Alto Networks Shares Remediation Advice for Hacked Firewalls Palo Alto Networks has shared remediation instructions for organizations whose firewalls have been hacked via CVE-2024-3400. Eduard KovacsApril 25, 2024
Vulnerabilities CISA Warns of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation CISA warns organizations of a two-year-old Windows Print Spooler vulnerability being exploited in the wild. Ionut ArghireApril 24, 2024
Vulnerabilities CrushFTP Patches Exploited Zero-Day Vulnerability CrushFTP patches a zero-day vulnerability allowing unauthenticated attackers to escape the VFS and retrieve system files. Ionut ArghireApril 22, 2024
Malware & Threats Thousands of Palo Alto Firewalls Potentially Impacted by Exploited Vulnerability Shadowserver has identified roughly 6,000 internet-accessible Palo Alto Networks firewalls potentially vulnerable to CVE-2024-3400. Ionut ArghireApril 22, 2024
Malware & Threats OpenMetadata Vulnerabilities Exploited to Abuse Kubernetes Clusters for Cryptomining Microsoft warns that several OpenMetadata vulnerabilities are being exploited to deploy cryptomining malware to Kubernetes environments. Eduard KovacsApril 19, 2024
Malware & Threats Exploitation of Palo Alto Firewall Vulnerability Picking Up After PoC Release Palo Alto Networks firewall vulnerability CVE-2024-3400 increasingly exploited after PoC code has been released. Eduard KovacsApril 17, 2024
Malware & Threats Palo Alto Networks Releases Fixes for Firewall Zero-Day as Attribution Attempts Emerge Palo Alto Networks has started releasing hotfixes for the firewall zero-day CVE-2024-3400, which some have linked to North Korea’s Lazarus. Eduard KovacsApril 15, 2024
Malware & Threats State-Sponsored Hackers Exploit Zero-Day to Backdoor Palo Alto Networks Firewalls A state-sponsored threat actor has been exploiting a zero-day in Palo Alto Networks firewalls for the past two weeks. Ionut ArghireApril 12, 2024
IoT Security Exploitation of Unpatched D-Link NAS Device Vulnerabilities Soars Second identifier, CVE-2024-3272, assigned to unpatched D-Link NAS device vulnerabilities, just as exploitation attempts soar. Eduard KovacsApril 12, 2024
Vulnerabilities Palo Alto Networks Warns of Exploited Firewall Vulnerability Palo Alto Networks warns of limited exploitation of a critical command injection vulnerability leading to code execution on firewalls. Ionut ArghireApril 12, 2024
Malware & Threats Microsoft Patches Two Zero-Days Exploited for Malware Delivery Microsoft patches CVE-2024-29988 and CVE-2024-26234, two zero-day vulnerabilities exploited by threat actors to deliver malware. Eduard KovacsApril 10, 2024