Please turn on your JavaScript for this page to function normally.
Acronis
Critical Acronis Cyber Infrastructure vulnerability exploited in the wild (CVE-2023-45249)

CVE-2023-45249, a critical vulnerability affecting older versions of Acronis Cyber Infrastructure, is being exploited by attackers. About Acronis Cyber Infrastructure Acronis …

Progress
Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327)

Progress Software has fixed a critical vulnerability (CVE-2024-6327) in its Telerik Report Server solution and is urging users to upgrade as soon as possible. About …

Docker fixes critical auth bypass flaw, again (CVE-2024-41110)

A critical-severity Docker Engine vulnerability (CVE-2024-41110) may be exploited by attackers to bypass authorization plugins (AuthZ) via specially crafted API request, …

Critical Splunk flaw can be exploited to grab passwords (CVE-2024-36991)

A recently fixed vulnerability (CVE-2024-36991) affecting Splunk Enterprise on Windows “is more severe than it initially appeared,” according to SonicWall’s …

Microsoft
Void Banshee APT exploited “lingering Windows relic” in zero-day attacks

The zero-day exploit used to leverage CVE-2024-38112, a recently patched Windows MSHTML vulnerability, was wielded by an APT group dubbed Void Banshee to deliver malware to …

email
Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929)

The maintainers of the Exim mail transfer agent (MTA) have fixed a critical vulnerability (CVE-2024-39929) that currently affects around 1.5 million public-facing servers and …

zero day
Zero-day patched by Microsoft has been exploited by attackers for over a year (CVE-2024-38112)

CVE-2024-38112, a spoofing vulnerability in Windows MSHTML Platform for which Microsoft has released a fix on Tuesday, has likely been exploited by attackers in the wild for …

Patch Tuesday
Microsoft fixes two zero-days exploited by attackers (CVE-2024-38080, CVE-2024-38112)

For July 2024 Patch Tuesday, Microsoft has released security updates and patches that fix 142 CVEs, including two exploited zero-days (CVE-2024-38080, CVE-2024-38112) in …

Fortra FileCatalyst
PoC exploit for critical Fortra FileCatalyst flaw published (CVE-2024-5276)

A critical SQL injection vulnerability in Fortra FileCatalyst Workflow (CVE-2024-5276) has been patched; a PoC exploit is already available online. While there’s …

vulnerabilities
75% of new vulnerabilities exploited within 19 days

Last year alone, over 30,000 new vulnerabilities were published, with a new vulnerability emerging approximately every 17 minutes — averaging 600 new vulnerabilities per week, …

Intel
Intel-powered computers affected by serious firmware flaw (CVE-2024-0762)

A vulnerability (CVE-2024-0762) in the Phoenix SecureCore UEFI, which runs on various Intel processors, could be exploited locally to escalate privileges and run arbitrary …

vmware
Critical RCE flaws in vCenter Server fixed (CVE-2024-37079, CVE-2024-37080)

VMware by Broadcom has fixed two critical vulnerabilities (CVE-2024-37079, CVE-2024-37080) affecting VMware vCenter Server and products that contain it: vSphere and Cloud …

Don't miss

Cybersecurity news