exploited Archives

Vulnerabilities

Google Rushes to Patch New Zero-Day Exploited by Spyware Vendor

Google has rushed to patch a new Chrome zero-day vulnerability, tracked as CVE-2023-5217 and exploited by a spyware vendor.

Eduard KovacsSeptember 28, 2023

Mobile & Wireless

Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones

Apple has patched 3 zero-day vulnerabilities that have likely been exploited by a spyware vendor to hack iPhones.

Eduard KovacsSeptember 22, 2023

Vulnerabilities

Thousands of Juniper Appliances Vulnerable to New Exploit

VulnCheck details a new fileless exploit targeting a recent Junos OS vulnerability that thousands of devices have not been patched against.

Ionut ArghireSeptember 19, 2023

Endpoint Security

Trend Micro Patches Exploited Zero-Day Vulnerability in Endpoint Security Products

Trend Micro has patched CVE-2023-41179, an Apex One zero-day code execution vulnerability that has been exploited in attacks.

Eduard KovacsSeptember 19, 2023

Malware & Threats

After Apple and Google, Mozilla Also Patches Zero-Day Exploited for Spyware Delivery

After Apple and Google, Mozilla has also patched an image processing-related zero-day vulnerability exploited by spyware.

Eduard KovacsSeptember 13, 2023

Vulnerabilities

Google Patches Chrome Zero-Day Reported by Apple, Spyware Hunters

Google has released a Chrome 116 security update to patch CVE-2023-4863, the fourth Chrome zero-day vulnerability documented in 2023.

Ionut ArghireSeptember 12, 2023

Vulnerabilities

Recent Juniper Flaws Chained in Attacks Following PoC Exploit Publication

Four recent vulnerabilities in the J-Web component of Junos OS have started being chained in malicious attacks after PoC exploit code was published.

Ionut ArghireAugust 30, 2023

Malware & Threats

DreamBus Botnet Exploiting RocketMQ Vulnerability to Delivery Cryptocurrency Miner

The DreamBus botnet has resurfaced and it has been exploiting a recently patched Apache RocketMQ vulnerability to deliver a Monero miner.

Eduard KovacsAugust 30, 2023

Malware & Threats

FBI: Patches for Recent Barracuda ESG Zero-Day Ineffective

The FBI says that the patches Barracuda released in May for an exploited ESG zero-day vulnerability (CVE-2023-2868) were not effective.

Ionut ArghireAugust 24, 2023

WinRAR zero-day CVE-2023-38831 exploited against traders

Cybercrime

Traders Targeted by Cybercriminals in Attack Exploiting WinRAR Zero-Day

A financially motivated cybercrime group has exploited a WinRAR zero-day to deliver malware to traders and steal their money.

Eduard KovacsAugust 24, 2023

Malware & Threats

3,000 Openfire Servers Exposed to Attacks Targeting Recent Vulnerability

More than 3,000 Openfire servers are not patched against a recent vulnerability and are exposed to attacks employing a new exploit.

Ionut ArghireAugust 23, 2023

Vulnerabilities

Exploitation of Ivanti Sentry Zero-Day Confirmed

While initially it was unclear if the Ivanti Sentry vulnerability CVE-2023-38035 has been exploited, the vendor and CISA have now confirmed it.

Eduard KovacsAugust 23, 2023

SECURITYWEEK NETWORK:

ICS:

All posts tagged "exploited"

Vulnerabilities

Google Rushes to Patch New Zero-Day Exploited by Spyware Vendor

Mobile & Wireless

Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones

Vulnerabilities

Thousands of Juniper Appliances Vulnerable to New Exploit

Endpoint Security

Trend Micro Patches Exploited Zero-Day Vulnerability in Endpoint Security Products

Malware & Threats

After Apple and Google, Mozilla Also Patches Zero-Day Exploited for Spyware Delivery

Vulnerabilities

Google Patches Chrome Zero-Day Reported by Apple, Spyware Hunters

Vulnerabilities

Recent Juniper Flaws Chained in Attacks Following PoC Exploit Publication

Malware & Threats

DreamBus Botnet Exploiting RocketMQ Vulnerability to Delivery Cryptocurrency Miner

Malware & Threats

FBI: Patches for Recent Barracuda ESG Zero-Day Ineffective

Cybercrime

Traders Targeted by Cybercriminals in Attack Exploiting WinRAR Zero-Day

Malware & Threats

3,000 Openfire Servers Exposed to Attacks Targeting Recent Vulnerability

Vulnerabilities

Exploitation of Ivanti Sentry Zero-Day Confirmed

Featured

Vulnerabilities

New Windows Zero-Day Exploited by Chinese APT: Security Firm

Nation-State

Rapid7 Flags New PostgreSQL Zero-Day Connected to BeyondTrust Exploitation

Funding/M&A

SecurityWeek Analysis: Over 400 Cybersecurity M&A Deals Announced in 2024

Nation-State

Russian Seashell Blizzard Hackers Have Access to Critical Infrastructure: Microsoft

Malware & Threats

Microsoft Patches ‘Wormable’ Windows Flaw and File-Deleting Zero-Day

Vulnerabilities

Intel Patched 374 Vulnerabilities in 2024

Malware & Threats

Apple Confirms USB Restricted Mode Exploited in ‘Extremely Sophisticated’ Attack

Latest News

Funding/M&A

SailPoint IPO Signals Bright Spot for Cybersecurity

Incident Response

Virginia Attorney General’s Office Struck by Cyberattack Targeting Attorneys’ Computer Systems

Government

Sean Cairncross is Trump Nominee for National Cyber Director

ICS/OT

Rising Tides: Lesley Carhart on Bridging Enterprise Security and OT—and Improving the Human Condition

Vulnerabilities

Meta Paid Out Over $2.3 Million in Bug Bounties in 2024

ICS/OT

In Other News: $10,000 YouTube Flaw, Cybereason CEO Sues Investors, New OT Security Tool

Vulnerabilities

SonicWall Firewall Vulnerability Exploited After PoC Publication

Daily Briefing Newsletter