Please turn on your JavaScript for this page to function normally.
ransomware
Attackers exploiting Apache ActiveMQ flaw to deliver ransomware (CVE-2023-46604)

Ransomware-wielding attackers are trying to break into servers running outdated versions of Apache ActiveMQ by exploiting a recently fixed vulnerability (CVE-2023-46604). …

F5
F5 BIG-IP vulnerabilities leveraged by attackers: What to do?

The two BIG-IP vulnerabilities (CVE-2023-46747, CVE-2023-46748) F5 Networks has recently released hotfixes for are being exploited by attackers in the wild, the company has …

F5
F5 fixes critical BIG-IP vulnerability, PoC is public (CVE-2023-46747)

F5 Networks has released hotfixes for two vulnerabilities affecting its BIG-IP multi-purpose networking devices/modules, including a critical authentication bypass …

Linux
“Looney Tunables” bug allows root access on Linux distros (CVE-2023-4911)

A vulnerability (CVE-2023-4911) in the GNU C Library (aka “glibc”) can be exploited by attackers to gain root privileges on many popular Linux distributions, …

WinRAR
Fake WinRAR PoC spread VenomRAT malware

An unknown threat actor has released a fake proof of concept (PoC) exploit for CVE-2023-4047, a recently fixed remote code execution (RCE) vulnerability in WinRAR, to spread …

VMware
VMware fixes critical vulnerability in Aria Operations for Networks (CVE-2023-34039)

VMware has patched one critical (CVE-2023-34039) and one high-severity vulnerability (CVE-2023-20890) in Aria Operations for Networks, its popular enterprise network …

Juniper Networks
PoC for no-auth RCE on Juniper firewalls released

Researchers have released additional details about the recently patched four vulnerabilities affecting Juniper Networks’ SRX firewalls and EX switches that could allow …

Citrix ShareFile
Citrix ShareFile vulnerability actively exploited (CVE-2023-24489)

CVE-2023-24489, a critical Citrix ShareFile vulnerability that the company has fixed in June 2023, is being exploited by attackers. GreyNoise has flagged on Tuesday a sudden …

backup
PoC for Arcserve UDP authentication bypass flaw published (CVE-2023-26258)

An authentication bypass vulnerability (CVE-2023-26258) in the Arcserve Unified Data Protection (UDP) enterprise data protection solution can be exploited to compromise admin …

Cisco
PoC exploit released for Cisco AnyConnect, Secure Client vulnerability (CVE-2023-20178)

Proof-of-concept (PoC) exploit code for the high-severity vulnerability (CVE-2023-20178) in Cisco Secure Client Software for Windows and Cisco AnyConnect Secure Mobility …

vmware
VMware fixes critical flaws in Aria Operations for Networks (CVE-2023-20887)

VMware has fixed two critical (CVE-2023-20887, CVE-2023-20888) and one important vulnerability (CVE-2023-20889) in Aria Operations for Networks (formerly vRealize Network …

Progress MOVEit
PoC exploit for exploited MOVEit vulnerability released (CVE-2023-34362)

As more victim organizations of Cl0p gang’s MOVEit rampage continue popping up, security researchers have released a PoC exploit for CVE-2023-34362, the RCE …

Don't miss

Cybersecurity news