CISA instructs federal agencies to mitigate CVE-2024-1086, a Linux kernel flaw leading to privilege escalation.
The post CISA Warns of Exploited Linux Kernel Vulnerability appeared first on SecurityWeek.
Check Point VPN Attacks Involve Zero-Day Exploited Since April
The recently disclosed Check Point VPN attacks involve the zero-day vulnerability CVE-2024-24919, which allows hackers to obtain passwords.
The post Check Point VPN Attacks Involve Zero-Day Exploited Since April appeared first on SecurityWeek.
CISA Warns of Attacks Exploiting NextGen Healthcare Mirth Connect Flaw
CISA has added CVE-2023-43208, an unauthenticated remote code execution vulnerability, to its KEV catalog.
The post CISA Warns of Attacks Exploiting NextGen Healthcare Mirth Connect Flaw appeared first on SecurityWeek.
Third Chrome Zero-Day Patched by Google Within One Week
Google releases Chrome 125 to the stable channel with patches for nine vulnerabilities, including a zero-day.
The post Third Chrome Zero-Day Patched by Google Within One Week appeared first on SecurityWeek.
Google Patches Second Chrome Zero-Day in One Week
Google has patched CVE-2024-4761, the second exploited vulnerability addressed by the company within one week.
The post Google Patches Second Chrome Zero-Day in One Week appeared first on SecurityWeek.
Exploited Chrome Zero-Day Patched by Google
A Chrome 124 update patches the second Chrome zero-day that has been found to be exploited in malicious attacks in 2024.
The post Exploited Chrome Zero-Day Patched by Google appeared first on SecurityWeek.
1,400 GitLab Servers Impacted by Exploited Vulnerability
CISA says a critical GitLab password reset flaw is being exploited in attacks and roughly 1,400 servers have not been patched.
The post 1,400 GitLab Servers Impacted by Exploited Vulnerability appeared first on SecurityWeek.
Palo Alto Networks Shares Remediation Advice for Hacked Firewalls
Palo Alto Networks has shared remediation instructions for organizations whose firewalls have been hacked via CVE-2024-3400.
The post Palo Alto Networks Shares Remediation Advice for Hacked Firewalls appeared first on SecurityWeek.
CISA Warns of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation
CISA warns organizations of a two-year-old Windows Print Spooler vulnerability being exploited in the wild.
The post CISA Warns of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation appeared first on SecurityWeek.
CrushFTP Patches Exploited Zero-Day Vulnerability
CrushFTP patches a zero-day vulnerability allowing unauthenticated attackers to escape the VFS and retrieve system files.
The post CrushFTP Patches Exploited Zero-Day Vulnerability appeared first on SecurityWeek.
