Vulnerabilities: VMware vCenter Server Vulnerability Exploited in Wild. VMware warns customers that CVE-2023-34048, a vCenter Server vulnerability patched in October 2023, is being exploited in the wild. (Eduard Kovacs, January 19, 2024)
Vulnerabilities: Citrix Warns NetScaler ADC Customers of New Zero-Day Exploitation. Citrix is aware of attacks exploiting two new NetScaler ADC and Gateway zero-day vulnerabilities tracked as CVE-2023-6548 and CVE-2023-6549. (Eduard Kovacs, January 17, 2024)
Malware & Threats: Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins. The recently disclosed Ivanti VPN zero-days have been exploited to hack at least 1,700 devices, including government, telecoms, defense, and tech. (Eduard Kovacs, January 16, 2024)
Malware & Threats: CISA Urges Patching of Exploited SharePoint Server Vulnerability. CISA has added a critical Microsoft SharePoint Server flaw (CVE-2023-29357) to its Known Exploited Vulnerabilities catalog. (Ionut Arghire, January 11, 2024)
Vulnerabilities: CISA Warns of Apache Superset Vulnerability Exploitation. CISA has added a critical-severity Apache Superset flaw (CVE-2023-27524) to its Known Exploited Vulnerabilities catalog. (Ionut Arghire, January 9, 2024)
Vulnerabilities: Critical Apache OFBiz Vulnerability in Attacker Crosshairs. Shadowserver sees possible in-the-wild exploitation of a critical Apache OFBiz vulnerability tracked as CVE-2023-49070. (Eduard Kovacs, December 29, 2023)
Malware & Threats: CISA Warns of FXC Router, QNAP NVR Vulnerabilities Exploited in the Wild. CISA released ICS advisories for FXC router and QNAP NVR flaws and added them to its Known Exploited Vulnerabilities catalog. (Eduard Kovacs, December 22, 2023)
Vulnerabilities: Recent Apache Struts 2 Vulnerability in Attacker Crosshairs. Attackers are attempting to exploit a critical RCE flaw in Apache Struts 2 after researchers publish PoC code. (Ionut Arghire, December 15, 2023)
Vulnerabilities: Sophos Patches EOL Firewalls Against Exploited Vulnerability. Sophos has patched EOL Firewall versions against a critical flaw exploited in the wild, after identifying a new exploit. (Ionut Arghire, December 13, 2023)
Vulnerabilities: Exploitation of Recent Cisco IOS XE Vulnerabilities Spikes. The Shadowserver Foundation warns of an increase in the number of devices hacked via recent Cisco IOS XE vulnerabilities. (Ionut Arghire, December 6, 2023)
Ransomware: Qlik Sense Vulnerabilities Exploited in Ransomware Attacks. Qlik Sense vulnerabilities CVE-2023-41266, CVE-2023-41265 and CVE-2023-48365 exploited for initial access in Cactus ransomware attacks. (Eduard Kovacs, November 30, 2023)
Vulnerabilities: Google Patches Seventh Chrome Zero-Day of 2023. The latest Chrome security update addresses the seventh exploited zero-day vulnerability documented in the browser in 2023. (Ionut Arghire, November 29, 2023)
Malware & Threats: Exploitation of Critical ownCloud Vulnerability Begins. Threat actors have started exploiting a critical ownCloud vulnerability leading to sensitive information disclosure. (Ionut Arghire, November 28, 2023)
Malware & Threats: CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability. CISA adds Sophos, Oracle and Microsoft product security holes to its Known Exploited Vulnerabilities (KEV) catalog. (Eduard Kovacs, November 17, 2023)
Email Security: Zimbra Zero-Day Exploited to Hack Government Emails. Google says a Zimbra zero-day from earlier this year, CVE-2023-37580, was exploited in several campaigns to hack government emails. (Eduard Kovacs, November 16, 2023)
Malware & Threats: CISA Says SLP Vulnerability Allowing Amplified DoS Attacks Exploited in the Wild. CISA says an SLP vulnerability allowing for a DoS amplification factor of 2,000 is being exploited in attacks. (Ionut Arghire, November 9, 2023)
Ransomware: SysAid Zero-Day Vulnerability Exploited by Ransomware Group. CVE-2023-47246 zero-day vulnerability in SysAid IT service management software has been exploited by Cl0p ransomware affiliates. (Eduard Kovacs, November 9, 2023)
Cloud Security: ‘Looney Tunables’ Glibc Vulnerability Exploited in Cloud Attacks. Glibc vulnerability affecting major Linux distributions and tracked as Looney Tunables exploited in cloud attacks by Kinsing group. (Eduard Kovacs, November 6, 2023)
Vulnerabilities: Exploitation of Critical Confluence Vulnerability Begins. Threat actors have started exploiting a recent critical vulnerability in Confluence Data Center and Confluence Server. (Ionut Arghire, November 6, 2023)
Malware & Threats: Apache ActiveMQ Vulnerability Exploited as Zero-Day. The recently patched Apache ActiveMQ vulnerability tracked as CVE-2023-46604 has been exploited as a zero-day since at least October 10. (Eduard Kovacs, November 3, 2023)