Vulnerabilities Companies Address Impact of Exploited Libwebp Vulnerability Companies have addressed the impact of the exploited Libwebp vulnerability CVE-2023-4863 on their products. Eduard KovacsOctober 3, 2023
Vulnerabilities Recently Patched TeamCity Vulnerability Exploited to Hack Servers In-the-wild exploitation of a critical vulnerability in the TeamCity CI/CD server started shortly after a patch was released by developers. Eduard KovacsOctober 2, 2023
Vulnerabilities Cisco Warns of IOS Software Zero-Day Exploitation Attempts Cisco has released patches for vulnerability in the GET VPN feature of IOS and IOS XE software that has been exploited in attacks. Ionut ArghireSeptember 28, 2023
Vulnerabilities Google Rushes to Patch New Zero-Day Exploited by Spyware Vendor Google has rushed to patch a new Chrome zero-day vulnerability, tracked as CVE-2023-5217 and exploited by a spyware vendor. Eduard KovacsSeptember 28, 2023
Mobile & Wireless Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones Apple has patched 3 zero-day vulnerabilities that have likely been exploited by a spyware vendor to hack iPhones. Eduard KovacsSeptember 22, 2023
Vulnerabilities Thousands of Juniper Appliances Vulnerable to New Exploit VulnCheck details a new fileless exploit targeting a recent Junos OS vulnerability that thousands of devices have not been patched against. Ionut ArghireSeptember 19, 2023
Endpoint Security Trend Micro Patches Exploited Zero-Day Vulnerability in Endpoint Security Products Trend Micro has patched CVE-2023-41179, an Apex One zero-day code execution vulnerability that has been exploited in attacks. Eduard KovacsSeptember 19, 2023
Malware & Threats After Apple and Google, Mozilla Also Patches Zero-Day Exploited for Spyware Delivery After Apple and Google, Mozilla has also patched an image processing-related zero-day vulnerability exploited by spyware. Eduard KovacsSeptember 13, 2023
Vulnerabilities Google Patches Chrome Zero-Day Reported by Apple, Spyware Hunters Google has released a Chrome 116 security update to patch CVE-2023-4863, the fourth Chrome zero-day vulnerability documented in 2023. Ionut ArghireSeptember 12, 2023
Vulnerabilities Recent Juniper Flaws Chained in Attacks Following PoC Exploit Publication Four recent vulnerabilities in the J-Web component of Junos OS have started being chained in malicious attacks after PoC exploit code was published. Ionut ArghireAugust 30, 2023
Malware & Threats DreamBus Botnet Exploiting RocketMQ Vulnerability to Delivery Cryptocurrency Miner The DreamBus botnet has resurfaced and it has been exploiting a recently patched Apache RocketMQ vulnerability to deliver a Monero miner. Eduard KovacsAugust 30, 2023
Malware & Threats FBI: Patches for Recent Barracuda ESG Zero-Day Ineffective The FBI says that the patches Barracuda released in May for an exploited ESG zero-day vulnerability (CVE-2023-2868) were not effective. Ionut ArghireAugust 24, 2023