CISA released ICS advisories for FXC router and QNAP NRV flaws and added them to its known exploited vulnerabilities catalog.
The post CISA Warns of FXC Router, QNAP NVR Vulnerabilities Exploited in the Wild appeared first on SecurityWeek.
Recent Apache Struts 2 Vulnerability in Attacker Crosshairs
Attackers are attempting to exploit a critical RCE flaw in Apache Struts 2 after researchers publish PoC code.
The post Recent Apache Struts 2 Vulnerability in Attacker Crosshairs appeared first on SecurityWeek.
Sophos Patches EOL Firewalls Against Exploited Vulnerability
Sophos has patched EOL Firewall versions against a critical flaw exploited in the wild, after identifying a new exploit.
The post Sophos Patches EOL Firewalls Against Exploited Vulnerability appeared first on SecurityWeek.
Exploitation of Recent Cisco IOS XE Vulnerabilities Spikes
The Shadowserver Foundation warns of an increase in the number of devices hacked via recent Cisco IOS XE vulnerabilities.
The post Exploitation of Recent Cisco IOS XE Vulnerabilities Spikes appeared first on SecurityWeek.
Qlik Sense Vulnerabilities Exploited in Ransomware Attacks
Qlik Sense vulnerabilities CVE-2023-41266, CVE-2023-41265 and CVE-2023-48365 exploited for initial access in Cactus ransomware attacks.
The post Qlik Sense Vulnerabilities Exploited in Ransomware Attacks appeared first on SecurityWeek.
Google Patches Seventh Chrome Zero-Day of 2023
The latest Chrome security update addresses the seventh exploited zero-day vulnerability documented in the browser in 2023.
The post Google Patches Seventh Chrome Zero-Day of 2023 appeared first on SecurityWeek.
Exploitation of Critical ownCloud Vulnerability Begins
Threat actors have started exploiting a critical ownCloud vulnerability leading to sensitive information disclosure.
The post Exploitation of Critical ownCloud Vulnerability Begins appeared first on SecurityWeek.
CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability
CISA adds Sophos, Oracle and Microsoft product security holes to its Known Exploited Vulnerabilities (KEV) catalog.
The post CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability appeared first on SecurityWeek.
Zimbra Zero-Day Exploited to Hack Government Emails
Google says a Zimbra zero-day from earlier this year, CVE-2023-37580, was exploited in several campaigns to hack government emails.
The post Zimbra Zero-Day Exploited to Hack Government Emails appeared first on SecurityWeek.
CISA Says SLP Vulnerability Allowing Amplified DoS Attacks Exploited in the Wild
CISA says an SLP vulnerability allowing for a DoS amplification factor of 2,000 is being exploited in attacks.
The post CISA Says SLP Vulnerability Allowing Amplified DoS Attacks Exploited in the Wild appeared first on SecurityWeek.
