Vulnerabilities Recent SolarWinds Serv-U Vulnerability Exploited in the Wild Threat actors are exploiting a recent path traversal vulnerability in SolarWinds Serv-U using public PoC code. Ionut ArghireJune 21, 2024
Malware & Threats CISA Warns of Progress Telerik Vulnerability Exploitation CISA urges federal agencies to apply mitigations for an exploited Progress Telerik vulnerability as soon as possible. Ionut ArghireJune 14, 2024
Ransomware Ransomware Group Exploits PHP Vulnerability Days After Disclosure The TellYouThePass ransomware gang started exploiting a recent code execution flaw in PHP days after public disclosure. Ionut ArghireJune 12, 2024
Malware & Threats Arm Warns of Exploited Kernel Driver Vulnerability Arm warns that CVE-2024-4610, a Mali GPU kernel driver vulnerability addressed two years ago, is exploited in attacks. Ionut ArghireJune 11, 2024
Vulnerabilities Exploitation of Recent Check Point VPN Zero-Day Soars GreyNoise has observed a rapid increase in the number of exploitation attempts targeting a recent Check Point VPN zero-day. Ionut ArghireJune 6, 2024
Malware & Threats CISA Warns of Attacks Exploiting Old Oracle WebLogic Vulnerability CISA has added an old Oracle WebLogic flaw tracked as CVE-2017-3506 to its known exploited vulnerabilities catalog. Eduard KovacsJune 4, 2024
Malware & Threats PoC Published for Exploited Check Point VPN Vulnerability PoC code targeting a recent Check Point VPN zero-day has been released as Censys identifies 14,000 internet-accessible appliances. Ionut ArghireJune 3, 2024
Vulnerabilities CISA Warns of Exploited Linux Kernel Vulnerability CISA instructs federal agencies to mitigate CVE-2024-1086, a Linux kernel flaw leading to privilege escalation. Ionut ArghireMay 31, 2024
Malware & Threats Check Point VPN Attacks Involve Zero-Day Exploited Since April The recently disclosed Check Point VPN attacks involve the zero-day vulnerability CVE-2024-24919, which allows hackers to obtain passwords. Eduard KovacsMay 30, 2024
Government CISA Warns of Attacks Exploiting NextGen Healthcare Mirth Connect Flaw CISA has added CVE-2023-43208, an unauthenticated remote code execution vulnerability, to its KEV catalog. Eduard KovacsMay 21, 2024
Vulnerabilities Third Chrome Zero-Day Patched by Google Within One Week Google releases Chrome 125 to the stable channel with patches for nine vulnerabilities, including a zero-day. Ionut ArghireMay 16, 2024
Vulnerabilities Google Patches Second Chrome Zero-Day in One Week Google has patched CVE-2024-4761, the second exploited vulnerability addressed by the company within one week. Eduard KovacsMay 14, 2024
Vulnerabilities Exploited Chrome Zero-Day Patched by Google A Chrome 124 update patches the second Chrome zero-day that has been found to be exploited in malicious attacks in 2024. Eduard KovacsMay 10, 2024
Vulnerabilities 1,400 GitLab Servers Impacted by Exploited Vulnerability CISA says a critical GitLab password reset flaw is being exploited in attacks and roughly 1,400 servers have not been patched. Ionut ArghireMay 2, 2024
Incident Response Palo Alto Networks Shares Remediation Advice for Hacked Firewalls Palo Alto Networks has shared remediation instructions for organizations whose firewalls have been hacked via CVE-2024-3400. Eduard KovacsApril 25, 2024
Vulnerabilities CISA Warns of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation CISA warns organizations of a two-year-old Windows Print Spooler vulnerability being exploited in the wild. Ionut ArghireApril 24, 2024
Vulnerabilities CrushFTP Patches Exploited Zero-Day Vulnerability CrushFTP patches a zero-day vulnerability allowing unauthenticated attackers to escape the VFS and retrieve system files. Ionut ArghireApril 22, 2024
Malware & Threats Thousands of Palo Alto Firewalls Potentially Impacted by Exploited Vulnerability Shadowserver has identified roughly 6,000 internet-accessible Palo Alto Networks firewalls potentially vulnerable to CVE-2024-3400. Ionut ArghireApril 22, 2024
Malware & Threats OpenMetadata Vulnerabilities Exploited to Abuse Kubernetes Clusters for Cryptomining Microsoft warns that several OpenMetadata vulnerabilities are being exploited to deploy cryptomining malware to Kubernetes environments. Eduard KovacsApril 19, 2024
Malware & Threats Exploitation of Palo Alto Firewall Vulnerability Picking Up After PoC Release Palo Alto Networks firewall vulnerability CVE-2024-3400 increasingly exploited after PoC code has been released. Eduard KovacsApril 17, 2024