ICS/OT: Exploited Building Access System Vulnerability Patched 5 Years After Disclosure. Vulnerabilities affecting a Nice Linear physical access product, including an exploited flaw, patched five years after their disclosure. Eduard Kovacs, March 12, 2024
Malware & Threats: Recent TeamCity Vulnerability Exploited in Ransomware Attacks. Servers impacted by recently patched TeamCity vulnerability CVE-2024-27198 targeted in ransomware attacks and abused for DDoS. Eduard Kovacs, March 11, 2024
Vulnerabilities: Possibly Exploited Fortinet Flaw Impacts Many Systems, but No Signs of Mass Attacks. 150,000 systems possibly impacted by the recent Fortinet vulnerability CVE-2024-21762, but there is still no evidence of widespread exploitation. Eduard Kovacs, March 11, 2024
Malware & Threats: Critical TeamCity Vulnerability Exploitation Started Immediately After Disclosure. Critical TeamCity authentication bypass vulnerability CVE-2024-27198 exploited in the wild after details were disclosed. Eduard Kovacs, March 7, 2024
Vulnerabilities: CISA Warns of Pixel Phone Vulnerability Exploitation. CISA adds Pixel Android phone (CVE-2023-21237) and Sunhillo SureLine (CVE-2021-36380) flaws to its known exploited vulnerabilities catalog. Eduard Kovacs, March 6, 2024
Vulnerabilities: CISA Warns of Windows Streaming Service Vulnerability Exploitation. CISA says a high-severity elevation of privilege vulnerability in Microsoft Streaming Service is actively exploited in the wild. Ionut Arghire, March 1, 2024
Malware & Threats: Windows Zero-Day Exploited by North Korean Hackers in Rootkit Attack. North Korean group Lazarus exploited AppLocker driver zero-day CVE-2024-21338 for privilege escalation in attacks involving FudModule rootkit. Eduard Kovacs, February 29, 2024
Vulnerabilities: Recent Zero-Day Could Impact Up to 97,000 Microsoft Exchange Servers. Shadowserver Foundation has identified roughly 28,000 Microsoft Exchange servers impacted by a recent zero-day. Ionut Arghire, February 20, 2024
Vulnerabilities: Websites Hacked via Vulnerability in Bricks Builder WordPress Plugin. Attackers are exploiting a recent remote code execution flaw in the Bricks Builder WordPress plugin to deploy malware. Ionut Arghire, February 20, 2024
Vulnerabilities: CISA Urges Patching of Cisco ASA Flaw Exploited in Ransomware Attacks. CISA has added CVE-2020-3259, an old Cisco ASA vulnerability exploited by ransomware, to its KEV catalog. Eduard Kovacs, February 16, 2024
Vulnerabilities: Microsoft Warns of Exploited Exchange Server Zero-Day. Microsoft says a newly patched Exchange Server vulnerability (CVE-2024-21410) has been exploited in attacks. Ionut Arghire, February 15, 2024
Malware & Threats: Ivanti Vulnerability Exploited to Deliver New ‘DSLog’ Backdoor. Backdoor deployed using recent Ivanti VPN vulnerability enables command execution, web request and system log theft. Ionut Arghire, February 13, 2024
Email Security: CISA Warns of Roundcube Webmail Vulnerability Exploitation. CISA has added the Roundcube flaw tracked as CVE-2023-43770 to its known exploited vulnerabilities catalog. Eduard Kovacs, February 13, 2024
Vulnerabilities: Exploitation of Another Ivanti VPN Vulnerability Observed. Organizations urged to hunt for potential compromise as exploitation of a recent Ivanti enterprise VPN vulnerability begins. Ionut Arghire, February 12, 2024
Vulnerabilities: Fortinet Warns of New FortiOS Zero-Day. Fortinet patches CVE-2024-21762, a critical remote code execution vulnerability that may have been exploited in the wild. Eduard Kovacs, February 9, 2024
Vulnerabilities: 45,000 Exposed Jenkins Instances Found Amid Reports of In-the-Wild Exploitation. Shadowserver Foundation has seen 45,000 Jenkins instances affected by CVE-2024-23897, which may already be exploited in attacks. Eduard Kovacs, January 31, 2024
Malware & Threats: Hitron DVR Zero-Day Vulnerabilities Exploited by InfectedSlurs Botnet. Akamai flags six zero-day vulnerabilities in Hitron DVRs exploited to ensnare devices in the InfectedSlurs botnet. Ionut Arghire, January 31, 2024
Vulnerabilities: Hackers Targeting Critical Atlassian Confluence Vulnerability Days After Disclosure. The Atlassian Confluence vulnerability CVE-2023-22527 is being exploited in the wild just days after it was disclosed. Eduard Kovacs, January 22, 2024
Nation-State: Chinese Spies Exploited VMware vCenter Server Vulnerability Since 2021. CVE-2023-34048, a vCenter Server vulnerability patched in October 2023, had been exploited as zero-day for a year and a half. Ionut Arghire, January 22, 2024
Vulnerabilities: Ivanti EPMM Vulnerability Targeted in Attacks as Exploitation of VPN Flaws Increases. The number of Ivanti VPN appliances compromised through exploitation of recent flaws increases and another vulnerability is added to exploited list. Eduard Kovacs, January 19, 2024