exploited Archives

Mobile & Wireless

Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones

Apple has patched 3 zero-day vulnerabilities that have likely been exploited by a spyware vendor to hack iPhones.

Eduard Kovacs5 days ago

Vulnerabilities

Thousands of Juniper Appliances Vulnerable to New Exploit

VulnCheck details a new fileless exploit targeting a recent Junos OS vulnerability that thousands of devices have not been patched against.

Ionut ArghireSeptember 19, 2023

Endpoint Security

Trend Micro Patches Exploited Zero-Day Vulnerability in Endpoint Security Products

Trend Micro has patched CVE-2023-41179, an Apex One zero-day code execution vulnerability that has been exploited in attacks.

Eduard KovacsSeptember 19, 2023

Pegasus spyware delivered to iOS and Android devices

Malware & Threats

After Apple and Google, Mozilla Also Patches Zero-Day Exploited for Spyware Delivery

After Apple and Google, Mozilla has also patched an image processing-related zero-day vulnerability exploited by spyware.

Eduard KovacsSeptember 13, 2023

Vulnerabilities

Google Patches Chrome Zero-Day Reported by Apple, Spyware Hunters

Google has released a Chrome 116 security update to patch CVE-2023-4863, the fourth Chrome zero-day vulnerability documented in 2023.

Ionut ArghireSeptember 12, 2023

Vulnerabilities

Recent Juniper Flaws Chained in Attacks Following PoC Exploit Publication

Four recent vulnerabilities in the J-Web component of Junos OS have started being chained in malicious attacks after PoC exploit code was published.

Ionut ArghireAugust 30, 2023

Malware & Threats

DreamBus Botnet Exploiting RocketMQ Vulnerability to Delivery Cryptocurrency Miner

The DreamBus botnet has resurfaced and it has been exploiting a recently patched Apache RocketMQ vulnerability to deliver a Monero miner.

Eduard KovacsAugust 30, 2023

Malware & Threats

FBI: Patches for Recent Barracuda ESG Zero-Day Ineffective

The FBI says that the patches Barracuda released in May for an exploited ESG zero-day vulnerability (CVE-2023-2868) were not effective.

Ionut ArghireAugust 24, 2023

WinRAR zero-day CVE-2023-38831 exploited against traders

Cybercrime

Traders Targeted by Cybercriminals in Attack Exploiting WinRAR Zero-Day

A financially motivated cybercrime group has exploited a WinRAR zero-day to deliver malware to traders and steal their money.

Eduard KovacsAugust 24, 2023

Malware & Threats

3,000 Openfire Servers Exposed to Attacks Targeting Recent Vulnerability

More than 3,000 Openfire servers are not patched against a recent vulnerability and are exposed to attacks employing a new exploit.

Ionut ArghireAugust 23, 2023

Vulnerabilities

Exploitation of Ivanti Sentry Zero-Day Confirmed

While initially it was unclear if the Ivanti Sentry vulnerability CVE-2023-38035 has been exploited, the vendor and CISA have now confirmed it.

Eduard KovacsAugust 23, 2023

Adobe ColdFusion vulnerability exploited

Malware & Threats

CISA Warns of Another Exploited Adobe ColdFusion Vulnerability

CISA warns that CVE-2023-26359, an Adobe ColdFusion vulnerability patched in March, has been exploited in the wild.

Eduard KovacsAugust 22, 2023

SECURITYWEEK NETWORK:

ICS:

All posts tagged "exploited"

Mobile & Wireless

Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones

Vulnerabilities

Thousands of Juniper Appliances Vulnerable to New Exploit

Endpoint Security

Trend Micro Patches Exploited Zero-Day Vulnerability in Endpoint Security Products

Malware & Threats

After Apple and Google, Mozilla Also Patches Zero-Day Exploited for Spyware Delivery

Vulnerabilities

Google Patches Chrome Zero-Day Reported by Apple, Spyware Hunters

Vulnerabilities

Recent Juniper Flaws Chained in Attacks Following PoC Exploit Publication

Malware & Threats

DreamBus Botnet Exploiting RocketMQ Vulnerability to Delivery Cryptocurrency Miner

Malware & Threats

FBI: Patches for Recent Barracuda ESG Zero-Day Ineffective

Cybercrime

Traders Targeted by Cybercriminals in Attack Exploiting WinRAR Zero-Day

Malware & Threats

3,000 Openfire Servers Exposed to Attacks Targeting Recent Vulnerability

Vulnerabilities

Exploitation of Ivanti Sentry Zero-Day Confirmed

Malware & Threats

CISA Warns of Another Exploited Adobe ColdFusion Vulnerability

Featured

CISO Strategy

The CISO Carousel and its Effect on Enterprise Cybersecurity

Mobile & Wireless

Predator Spyware Delivered to iOS, Android Devices via Zero-Days, MitM Attacks

Mobile & Wireless

Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones

Cyberwarfare

New ‘Sandman’ APT Group Hitting Telcos With Rare LuaJIT Malware

Funding/M&A

Cisco to Acquire Splunk for $28 Billion

Cybercrime

MGM Resorts Computers Back Up After 10 Days as Analysts Eye Effects of Casino Cyberattacks

Cybersecurity Funding

SASE Firm Cato Networks Raises $238 Million at $3 Billion Valuation

Latest News

Endpoint Security

New GPU Side-Channel Attack Allows Malicious Websites to Steal Data

Endpoint Security

Microsoft Adding New Security Features to Windows 11

Cyberwarfare

UAE-Linked APT Targets Middle East Government With New ‘Deadglyph’ Backdoor

Ransomware

Sony Investigating After Hackers Offer to Sell Stolen Data

Malware & Threats

Xenomorph Android Banking Trojan Targeting Users in US, Canada

Cybercrime

$200 Million in Cryptocurrency Stolen in Mixin Network Hack

Cyberwarfare

Stealthy APT Gelsemium Seen Targeting Southeast Asian Government