Vulnerabilities | Exploited Chrome Zero-Day Patched by Google | A Chrome 124 update patches the second Chrome zero-day that has been found to be exploited in malicious attacks in 2024. | Eduard Kovacs | May 10, 2024
Vulnerabilities | 1,400 GitLab Servers Impacted by Exploited Vulnerability | CISA says a critical GitLab password reset flaw is being exploited in attacks and roughly 1,400 servers have not been patched. | Ionut Arghire | May 2, 2024
Incident Response | Palo Alto Networks Shares Remediation Advice for Hacked Firewalls | Palo Alto Networks has shared remediation instructions for organizations whose firewalls have been hacked via CVE-2024-3400. | Eduard Kovacs | April 25, 2024
Vulnerabilities | CISA Warns of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation | CISA warns organizations of a two-year-old Windows Print Spooler vulnerability being exploited in the wild. | Ionut Arghire | April 24, 2024
Vulnerabilities | CrushFTP Patches Exploited Zero-Day Vulnerability | CrushFTP patches a zero-day vulnerability allowing unauthenticated attackers to escape the VFS and retrieve system files. | Ionut Arghire | April 22, 2024
Malware & Threats | Thousands of Palo Alto Firewalls Potentially Impacted by Exploited Vulnerability | Shadowserver has identified roughly 6,000 internet-accessible Palo Alto Networks firewalls potentially vulnerable to CVE-2024-3400. | Ionut Arghire | April 22, 2024
Malware & Threats | OpenMetadata Vulnerabilities Exploited to Abuse Kubernetes Clusters for Cryptomining | Microsoft warns that several OpenMetadata vulnerabilities are being exploited to deploy cryptomining malware to Kubernetes environments. | Eduard Kovacs | April 19, 2024
Malware & Threats | Exploitation of Palo Alto Firewall Vulnerability Picking Up After PoC Release | Palo Alto Networks firewall vulnerability CVE-2024-3400 increasingly exploited after PoC code has been released. | Eduard Kovacs | April 17, 2024
Malware & Threats | Palo Alto Networks Releases Fixes for Firewall Zero-Day as Attribution Attempts Emerge | Palo Alto Networks has started releasing hotfixes for the firewall zero-day CVE-2024-3400, which some have linked to North Korea’s Lazarus. | Eduard Kovacs | April 15, 2024
Malware & Threats | State-Sponsored Hackers Exploit Zero-Day to Backdoor Palo Alto Networks Firewalls | A state-sponsored threat actor has been exploiting a zero-day in Palo Alto Networks firewalls for the past two weeks. | Ionut Arghire | April 12, 2024
IoT Security | Exploitation of Unpatched D-Link NAS Device Vulnerabilities Soars | Second identifier, CVE-2024-3272, assigned to unpatched D-Link NAS device vulnerabilities, just as exploitation attempts soar. | Eduard Kovacs | April 12, 2024
Vulnerabilities | Palo Alto Networks Warns of Exploited Firewall Vulnerability | Palo Alto Networks warns of limited exploitation of a critical command injection vulnerability leading to code execution on firewalls. | Ionut Arghire | April 12, 2024
Malware & Threats | Microsoft Patches Two Zero-Days Exploited for Malware Delivery | Microsoft patches CVE-2024-29988 and CVE-2024-26234, two zero-day vulnerabilities exploited by threat actors to deliver malware. | Eduard Kovacs | April 10, 2024
IoT Security | Exploitation Attempts Target Unpatched Flaw Affecting Many D-Link NAS Devices | Unpatched D-Link NAS device vulnerability CVE-2024-3273, potentially affecting many devices, is being exploited in the wild. | Eduard Kovacs | April 9, 2024
Mobile & Wireless | Pixel Phone Zero-Days Exploited by Forensic Firms | Google this week patched two Pixel phone zero-day vulnerabilities actively exploited by forensic companies to obtain data from devices. | Ionut Arghire | April 4, 2024
Mobile & Wireless | Google Patches Exploited Pixel Vulnerabilities | Google patches 28 vulnerabilities in Android and 25 bugs in Pixel devices, including two flaws exploited in the wild. | Ionut Arghire | April 3, 2024
Artificial Intelligence | Ray AI Framework Vulnerability Exploited to Hack Hundreds of Clusters | Disputed Ray AI framework vulnerability exploited to steal information and deploy cryptominers on hundreds of clusters. | Ionut Arghire | March 27, 2024
Vulnerabilities | CISA: Second SharePoint Flaw Disclosed at Pwn2Own Exploited in Attacks | CISA says a second SharePoint vulnerability demonstrated last year at Pwn2Own, CVE-2023-24955, has been exploited in the wild. | Eduard Kovacs | March 27, 2024
Vulnerabilities | Recent Fortinet FortiClient EMS Vulnerability Exploited in Attacks | CVE-2023-48788, a critical SQL injection vulnerability in Fortinet’s FortiClient EMS product, is being exploited in the wild. | Eduard Kovacs | March 26, 2024
Vulnerabilities | Aiohttp Vulnerability in Attacker Crosshairs | A recently patched Aiohttp vulnerability tracked as CVE-2024-23334 is being targeted by threat actors, including by a ransomware group. | Eduard Kovacs | March 19, 2024