Vulnerabilities CISA Warns of Zyxel Firewall Vulnerability Exploited in Attacks A second vulnerability in Zyxel firewalls has been exploited in Helldown ransomware attacks over the past weeks. Ionut ArghireDecember 4, 2024
Vulnerabilities Microsoft Patches Exploited Vulnerability in Partner Network Website Microsoft informed customers that vulnerabilities affecting cloud, AI and other services have been patched, including an exploited flaw. Eduard KovacsNovember 28, 2024
Vulnerabilities ProjectSend Vulnerability Exploited in the Wild VulnCheck warns of widespread exploitation of a year-and-a-half-old ProjectSend vulnerability for which multiple public exploits exist. Ionut ArghireNovember 27, 2024
Nation-State Russian APT Chained Firefox and Windows Zero-Days Against US and European Targets The Russia-linked RomCom APT has been observed chaining two zero-days in Firefox and Windows for backdoor delivery. Ionut ArghireNovember 27, 2024
Vulnerabilities Chinese Hackers Exploiting Critical Vulnerability in Array Networks Gateways CISA warns about attacks exploiting CVE-2023-28461, a critical vulnerability in Array Networks AG and vxAG secure access gateways. Ionut ArghireNovember 26, 2024
Ransomware Recent Zyxel Firewall Vulnerability Exploited in Ransomware Attacks A ransomware group has been observed exploiting a recently patched command injection vulnerability in Zyxel firewalls for initial access. Ionut ArghireNovember 25, 2024
Vulnerabilities 400,000 Systems Potentially Exposed to 2023’s Most Exploited Flaws VulnCheck finds hundreds of thousands of internet-accessible hosts potentially vulnerable to 2023’s top frequently exploited flaws. Ionut ArghireNovember 22, 2024
Malware & Threats 2,000 Palo Alto Firewalls Compromised via New Vulnerabilities The number of internet-exposed Palo Alto firewalls is dropping, but 2,000 have been compromised, according to Shadowserver Foundation. Eduard KovacsNovember 21, 2024
Vulnerabilities Exploitation Attempts Target Citrix Session Recording Vulnerabilities Exploitation attempts seen for two recently patched Citrix Session Recording vulnerabilities tracked as CVE-2024-8068 and CVE-2024-8069. Eduard KovacsNovember 21, 2024
Vulnerabilities CISA Warns of Progress Kemp LoadMaster Vulnerability Exploitation CISA is warning organizations that CVE-2024-1212, a Progress Kemp LoadMaster OS command injection vulnerability, is being exploited in attacks. Eduard KovacsNovember 20, 2024
Vulnerabilities Oracle Patches Exploited Agile PLM Zero-Day Oracle has patched a high-severity information disclosure zero-day in Agile PLM that has been exploited in the wild. Ionut ArghireNovember 20, 2024
Malware & Threats Palo Alto Patches Firewall Zero-Day Exploited in Operation Lunar Peek Palo Alto Networks has released patches and CVEs for the firewall zero-days exploited in what the company calls Operation Lunar Peek. Eduard KovacsNovember 19, 2024