Vulnerabilities
Possibly Exploited Fortinet Flaw Impacts Many Systems, but No Signs of Mass Attacks
150,000 systems possibly impacted by the recent Fortinet vulnerability CVE-2024-21762, but there is still no evidence of widespread exploitation.
Eduard Kovacs, March 11, 2024

Malware & Threats
Critical TeamCity Vulnerability Exploitation Started Immediately After Disclosure
Critical TeamCity authentication bypass vulnerability CVE-2024-27198 exploited in the wild after details were disclosed.
Eduard Kovacs, March 7, 2024

Vulnerabilities
CISA Warns of Pixel Phone Vulnerability Exploitation
CISA adds Pixel Android phone (CVE-2023-21237) and Sunhillo SureLine (CVE-2021-36380) flaws to its known exploited vulnerabilities catalog.
Eduard Kovacs, March 6, 2024

Vulnerabilities
CISA Warns of Windows Streaming Service Vulnerability Exploitation
CISA says a high-severity elevation of privilege vulnerability in Microsoft Streaming Service is actively exploited in the wild.
Ionut Arghire, March 1, 2024

Malware & Threats
Windows Zero-Day Exploited by North Korean Hackers in Rootkit Attack
North Korean group Lazarus exploited AppLocker driver zero-day CVE-2024-21338 for privilege escalation in attacks involving FudModule rootkit.
Eduard Kovacs, February 29, 2024

Vulnerabilities
Recent Zero-Day Could Impact Up to 97,000 Microsoft Exchange Servers
Shadowserver Foundation has identified roughly 28,000 Microsoft Exchange servers impacted by a recent zero-day.
Ionut Arghire, February 20, 2024

Vulnerabilities
Websites Hacked via Vulnerability in Bricks Builder WordPress Plugin
Attackers are exploiting a recent remote code execution flaw in the Bricks Builder WordPress plugin to deploy malware.
Ionut Arghire, February 20, 2024

Vulnerabilities
CISA Urges Patching of Cisco ASA Flaw Exploited in Ransomware Attacks
CISA has added CVE-2020-3259, an old Cisco ASA vulnerability exploited by ransomware, to its KEV catalog.
Eduard Kovacs, February 16, 2024

Vulnerabilities
Microsoft Warns of Exploited Exchange Server Zero-Day
Microsoft says a newly patched Exchange Server vulnerability (CVE-2024-21410) has been exploited in attacks.
Ionut Arghire, February 15, 2024

Malware & Threats
Ivanti Vulnerability Exploited to Deliver New ‘DSLog’ Backdoor
Backdoor deployed using recent Ivanti VPN vulnerability enables command execution, web request and system log theft.
Ionut Arghire, February 13, 2024

Email Security
CISA Warns of Roundcube Webmail Vulnerability Exploitation
CISA has added the Roundcube flaw tracked as CVE-2023-43770 to its known exploited vulnerabilities catalog.
Eduard Kovacs, February 13, 2024

Vulnerabilities
Exploitation of Another Ivanti VPN Vulnerability Observed
Organizations urged to hunt for potential compromise as exploitation of a recent Ivanti enterprise VPN vulnerability begins.
Ionut Arghire, February 12, 2024