Exploitation attempts targeting CVE-2024-5806, a critical MOVEit Transfer vulnerability patched recently, have started.
The post Exploitation Attempts Target New MOVEit Transfer Vulnerability appeared first on SecurityWeek.
Recent Zyxel NAS Vulnerability Exploited by Botnet
A Mirai-like botnet has started exploiting a critical-severity vulnerability in discontinued Zyxel NAS products.
The post Recent Zyxel NAS Vulnerability Exploited by Botnet appeared first on SecurityWeek.
Recent SolarWinds Serv-U Vulnerability Exploited in the Wild
Threat actors are exploiting a recent path traversal vulnerability in SolarWinds Serv-U using public PoC code.
The post Recent SolarWinds Serv-U Vulnerability Exploited in the Wild appeared first on SecurityWeek.
CISA Warns of Progress Telerik Vulnerability Exploitation
CISA urges federal agencies to apply mitigations for an exploited Progress Telerik vulnerability as soon as possible.
The post CISA Warns of Progress Telerik Vulnerability Exploitation appeared first on SecurityWeek.
Ransomware Group Exploits PHP Vulnerability Days After Disclosure
The TellYouThePass ransomware gang started exploiting a recent code execution flaw in PHP days after public disclosure.
The post Ransomware Group Exploits PHP Vulnerability Days After Disclosure appeared first on SecurityWeek.
Arm Warns of Exploited Kernel Driver Vulnerability
Arm warns that CVE-2024-4610, a Mali GPU kernel driver vulnerability addressed two years ago, is exploited in attacks.
The post Arm Warns of Exploited Kernel Driver Vulnerability appeared first on SecurityWeek.
Exploitation of Recent Check Point VPN Zero-Day Soars
GreyNoise has observed a rapid increase in the number of exploitation attempts targeting a recent Check Point VPN zero-day.
The post Exploitation of Recent Check Point VPN Zero-Day Soars appeared first on SecurityWeek.
CISA Warns of Attacks Exploiting Old Oracle WebLogic Vulnerability
CISA has added an old Oracle WebLogic flaw tracked as CVE-2017-3506 to its known exploited vulnerabilities catalog.
The post CISA Warns of Attacks Exploiting Old Oracle WebLogic Vulnerability appeared first on SecurityWeek.
PoC Published for Exploited Check Point VPN Vulnerability
PoC code targeting a recent Check Point VPN zero-day has been released as Censys identifies 14,000 internet-accessible appliances.
The post PoC Published for Exploited Check Point VPN Vulnerability appeared first on SecurityWeek.
CISA Warns of Exploited Linux Kernel Vulnerability
CISA instructs federal agencies to mitigate CVE-2024-1086, a Linux kernel flaw leading to privilege escalation.
The post CISA Warns of Exploited Linux Kernel Vulnerability appeared first on SecurityWeek.
