Vulnerabilities CISA Urges Immediate Patching of Exploited BeyondTrust Vulnerability CISA is urging federal agencies to patch a recent critical vulnerability in BeyondTrust remote access products in one week. Ionut ArghireDecember 20, 2024
Vulnerabilities BeyondTrust Patches Critical Vulnerability Discovered During Security Incident Probe A critical vulnerability in BeyondTrust Privileged Remote Access and Remote Support could lead to arbitrary command execution. Ionut ArghireDecember 18, 2024
Vulnerabilities Exploitation of Recent Critical Apache Struts 2 Flaw Begins Researchers warn of malicious attacks exploiting a recently patched critical vulnerability in Apache Struts 2 leading to remote code execution (RCE). Ionut ArghireDecember 18, 2024
Vulnerabilities CISA Warns of Exploited Adobe ColdFusion, Windows Vulnerabilities CISA has warned organizations that two vulnerabilities affecting Adobe ColdFusion and Windows have been exploited in the wild. Eduard KovacsDecember 17, 2024
Ransomware CVE Assigned to Cleo Vulnerability as Cl0p Ransomware Group Takes Credit for Exploitation The Cl0p ransomware group has taken credit for exploitation of the Cleo product vulnerability tracked as CVE-2024-55956. Eduard KovacsDecember 16, 2024
Malware & Threats Cleo Patches Exploited Flaw as Security Firms Detail Malware Pushed in Attacks Cleo has released patches for the exploited vulnerability and security firms have detailed the malware delivered in attacks. Eduard KovacsDecember 12, 2024
Vulnerabilities Hunk Companion, WP Query Console Vulnerabilities Chained to Hack WordPress Sites Two vulnerabilities in the Hunk Companion and WP Query Console WordPress plugins allow attackers to backdoor websites. Ionut ArghireDecember 12, 2024
Cybercrime Cleo Vulnerability Exploitation Linked to Termite Ransomware Group Exploitation of a vulnerability affecting Cleo file transfer tools has been linked to the new Termite ransomware group. Eduard KovacsDecember 11, 2024
Vulnerabilities Cleo File Transfer Tool Vulnerability Exploited in Wild Against Enterprises CVE-2024-50623, an improperly patched vulnerability affecting Cleo file transfer tools, has been exploited in the wild. Eduard KovacsDecember 10, 2024
Vulnerabilities CISA Warns of Zyxel Firewall Vulnerability Exploited in Attacks A second vulnerability in Zyxel firewalls has been exploited in Helldown ransomware attacks over the past weeks. Ionut ArghireDecember 4, 2024
Vulnerabilities Microsoft Patches Exploited Vulnerability in Partner Network Website Microsoft informed customers that vulnerabilities affecting cloud, AI and other services have been patched, including an exploited flaw. Eduard KovacsNovember 28, 2024
Vulnerabilities ProjectSend Vulnerability Exploited in the Wild VulnCheck warns of widespread exploitation of a year-and-a-half-old ProjectSend vulnerability for which multiple public exploits exist. Ionut ArghireNovember 27, 2024
Nation-State Russian APT Chained Firefox and Windows Zero-Days Against US and European Targets The Russia-linked RomCom APT has been observed chaining two zero-days in Firefox and Windows for backdoor delivery. Ionut ArghireNovember 27, 2024
Vulnerabilities Chinese Hackers Exploiting Critical Vulnerability in Array Networks Gateways CISA warns about attacks exploiting CVE-2023-28461, a critical vulnerability in Array Networks AG and vxAG secure access gateways. Ionut ArghireNovember 26, 2024
Ransomware Recent Zyxel Firewall Vulnerability Exploited in Ransomware Attacks A ransomware group has been observed exploiting a recently patched command injection vulnerability in Zyxel firewalls for initial access. Ionut ArghireNovember 25, 2024
Vulnerabilities 400,000 Systems Potentially Exposed to 2023’s Most Exploited Flaws VulnCheck finds hundreds of thousands of internet-accessible hosts potentially vulnerable to 2023’s top frequently exploited flaws. Ionut ArghireNovember 22, 2024
Malware & Threats 2,000 Palo Alto Firewalls Compromised via New Vulnerabilities The number of internet-exposed Palo Alto firewalls is dropping, but 2,000 have been compromised, according to Shadowserver Foundation. Eduard KovacsNovember 21, 2024
Vulnerabilities Exploitation Attempts Target Citrix Session Recording Vulnerabilities Exploitation attempts seen for two recently patched Citrix Session Recording vulnerabilities tracked as CVE-2024-8068 and CVE-2024-8069. Eduard KovacsNovember 21, 2024
Vulnerabilities CISA Warns of Progress Kemp LoadMaster Vulnerability Exploitation CISA is warning organizations that CVE-2024-1212, a Progress Kemp LoadMaster OS command injection vulnerability, is being exploited in attacks. Eduard KovacsNovember 20, 2024
Vulnerabilities Oracle Patches Exploited Agile PLM Zero-Day Oracle has patched a high-severity information disclosure zero-day in Agile PLM that has been exploited in the wild. Ionut ArghireNovember 20, 2024