An Avtech camera vulnerability that likely remains unfixed has been exploited in the wild, according to CISA.
The post CISA Warns of Avtech Camera Vulnerability Exploited in Wild appeared first on SecurityWeek.
Exploited Vulnerability Could Impact 20k Internet-Exposed VMware ESXi Instances
Shadowserver has observed over 20,000 internet-accessible VMware ESXi instances impacted by an exploited vulnerability.
The post Exploited Vulnerability Could Impact 20k Internet-Exposed VMware ESXi Instances appeared first on SecurityWeek.
Acronis Product Vulnerability Exploited in the Wild
Acronis warns of a critical-severity Acronis Cyber Infrastructure (ACI) vulnerability being exploited in attacks.
The post Acronis Product Vulnerability Exploited in the Wild appeared first on SecurityWeek.
Threat Actors Exploit Fresh ServiceNow Vulnerabilities in Attacks
Threat actors have started exploiting critical-severity vulnerabilities in ServiceNow shortly after public disclosure.
The post Threat Actors Exploit Fresh ServiceNow Vulnerabilities in Attacks appeared first on SecurityWeek.
Organizations Warned of Exploited Twilio Authy Vulnerability
CISA warns of the in-the-wild exploitation of CVE-2024-39891, a Twilio Authy bug leading to the disclosure of phone number data.
The post Organizations Warned of Exploited Twilio Authy Vulnerability appeared first on SecurityWeek.
Recent Adobe Commerce Vulnerability Exploited in Wild
Adobe and CISA warn that a recent Adobe Commerce vulnerability has been exploited in the wild.
The post Recent Adobe Commerce Vulnerability Exploited in Wild appeared first on SecurityWeek.
Apache HugeGraph Vulnerability Exploited in Wild
A recently patched Apache HugeGraph-Server vulnerability tracked as CVE-2024-27348 is being targeted in attacks.
The post Apache HugeGraph Vulnerability Exploited in Wild appeared first on SecurityWeek.
Organizations Warned of Exploited GeoServer Vulnerability
CISA says it has evidence that a recent critical-severity vulnerability in GeoServer is exploited in the wild.
The post Organizations Warned of Exploited GeoServer Vulnerability appeared first on SecurityWeek.
APT Exploits Windows Zero-Day to Execute Code via Disabled Internet Explorer
The Void Banshee APT exploited the CVE-2024-38112 Windows zero-day to infect systems with the Atlantida stealer.
The post APT Exploits Windows Zero-Day to Execute Code via Disabled Internet Explorer appeared first on SecurityWeek.
Cisco Patches NX-OS Zero-Day Exploited by Chinese Cyberspies
Cisco has patched an NX-OS command injection zero-day exploited by China-linked cyberespionage group Velvet Ant.
The post Cisco Patches NX-OS Zero-Day Exploited by Chinese Cyberspies appeared first on SecurityWeek.
