CISA warns organizations of a two-year-old Windows Print Spooler vulnerability being exploited in the wild.
The post CISA Warns of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation appeared first on SecurityWeek.
CISA warns organizations of a two-year-old Windows Print Spooler vulnerability being exploited in the wild.
The post CISA Warns of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation appeared first on SecurityWeek.
Malicious hackers are targeting SAP applications at an alarming pace, according to warnings from Onapsis and Flashpoint.
The post SAP Applications Increasingly in Attacker Crosshairs, Report Shows appeared first on SecurityWeek.
CISA says a second SharePoint vulnerability demonstrated last year at Pwn2Own, CVE-2023-24955, has been exploited in the wild.
The post CISA: Second SharePoint Flaw Disclosed at Pwn2Own Exploited in Attacks appeared first on SecurityWeek.
CISA adds Pixel Android phone (CVE-2023-21237) and Sunhillo SureLine (CVE-2021-36380) flaws to its known exploited vulnerabilities catalog.
The post CISA Warns of Pixel Phone Vulnerability Exploitation appeared first on SecurityWeek.
CISA has added CVE-2020-3259, an old Cisco ASA vulnerability exploited by ransomware, to its KEV catalog.
The post CISA Urges Patching of Cisco ASA Flaw Exploited in Ransomware Attacks appeared first on SecurityWeek.
CISA has added the Roundcube flaw tracked as CVE-2023-43770 to its known exploited vulnerabilities catalog.
The post CISA Warns of Roundcube Webmail Vulnerability Exploitation appeared first on SecurityWeek.
In an unprecedented move, CISA is demanding that federal agencies disconnect all instances of Ivanti Connect Secure and Ivanti Policy Secure products within 48 hours.
The post CISA Sets 48-hour Deadline for Removal of Insecure Ivanti Products appeared first on SecurityWeek.
Ivanti documents a brand-new zero-day and belatedly ships patches; Mandiant is reporting “broad exploitation activity.”
The post After Delays, Ivanti Patches Zero-Days and Confirms New Exploit appeared first on SecurityWeek.
CISA has added a critical-severity Apache Superset flaw (CVE-2023-27524) to its Known Exploited Vulnerabilities catalog.
The post CISA Warns of Apache Superset Vulnerability Exploitation appeared first on SecurityWeek.
CISA has added to its Known Exploited Vulnerabilities Catalog four Qualcomm bugs, including three exploited as zero-days.
The post CISA Urges Federal Agencies to Patch Exploited Qualcomm Vulnerabilities appeared first on SecurityWeek.