Please turn on your JavaScript for this page to function normally.
Cisco ASA 5500-X
Akira, LockBit actively searching for vulnerable Cisco ASA devices

Akira and Lockbit ransomware groups are trying to breach Cisco ASA SSL VPN devices by exploiting several older vulnerabilities, security researcher Kevin Beaumont is warning. …

Ivanti
Ivanti EPMM and MobileIron Core vulnerability is actively exploited, CISA confirms (CVE-2023-35082)

A previously patched critical vulnerability (CVE-2023-35082) affecting Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core is being actively exploited, the Cybersecurity …

Ivanti
1,700 Ivanti VPN devices compromised. Are yours among them?

Over 1,700 Ivanti Connect Secure VPN devices worldwide have been compromised by attackers exploiting two zero-days with no patches currently available. “Additional …

Apache Struts
Attackers are trying to exploit Apache Struts vulnerability (CVE-2023-50164)

Attackers are trying to leverage public proof-of-exploit (PoC) exploit code for CVE-2023-50164, the recently patched path traversal vulnerability in Apache Struts 2. …

ownCloud
Critical ownCloud flaw under attack (CVE-2023-49103)

Attackers are trying to exploit a critical information disclosure vulnerability (CVE-2023-49103) in ownCloud, a popular file sharing and collaboration platform used in …

atlassian confluence
Atlassian Confluence data-wiping vulnerability exploited

Threat actors are trying to exploit CVE-2023-22518, a critical Atlassian Confluence flaw that allows unauthenticated attackers to reset vulnerable instances’ database, …

atlassian confluence
Critical Atlassian Confluence vulnerability exploited by state-backed threat actor

A critical flaw in Atlassian Confluence Data Center and Server (CVE-2023-22515) has been exploited by a state-backed threat actor, Microsoft’s threat analysts have …

cybersecurity search engines
11 search engines for cybersecurity research you can use right now

Staying ahead in cybersecurity requires constant learning and adaptation. If you’re interested in cybersecurity research, explore the resources outlined below. …

Citrix
Citrix ADC zero-day exploitation: CISA releases details about attack on CI organization (CVE-2023-3519)

The exploitation of the Citrix NetScaler ADC zero-day vulnerability (CVE-2023-3519) was first spotted by a critical infrastructure organization, who reported it to the …

VMware
VMware Aria Operations for Networks vulnerability exploited in the wild (CVE-2023-20887)

CVE-2023-20887, a pre-authentication command injection vulnerability in VMware Aria Operations for Networks (formerly vRealize Network Insight), has been spotted being …

Help Net Security
ThreatBlockr integrates with GreyNoise to guard against false positives

ThreatBlockr and GreyNoise announced a partnership that will enhance the ThreatBlockr platform. By leveraging GreyNoise data, ThreatBlockr customers now have automatic access …

IBM
Ransomware gangs are exploiting IBM Aspera Faspex RCE flaw (CVE-2022-47986)

Attackers are exploiting a critical vulnerability (CVE-2022-47986) in the IBM Aspera Faspex centralized file transfer solution to breach organizations. About CVE-2022-47986 …

Don't miss

Cybersecurity news