A Chrome 124 update patches the second Chrome zero-day that has been found to be exploited in malicious attacks in 2024.
The post Exploited Chrome Zero-Day Patched by Google appeared first on SecurityWeek.
A Chrome 124 update patches the second Chrome zero-day that has been found to be exploited in malicious attacks in 2024.
The post Exploited Chrome Zero-Day Patched by Google appeared first on SecurityWeek.
CISA says a critical GitLab password reset flaw is being exploited in attacks and roughly 1,400 servers have not been patched.
The post 1,400 GitLab Servers Impacted by Exploited Vulnerability appeared first on SecurityWeek.
Palo Alto Networks has shared remediation instructions for organizations whose firewalls have been hacked via CVE-2024-3400.
The post Palo Alto Networks Shares Remediation Advice for Hacked Firewalls appeared first on SecurityWeek.
CISA warns organizations of a two-year-old Windows Print Spooler vulnerability being exploited in the wild.
The post CISA Warns of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation appeared first on SecurityWeek.
CrushFTP patches a zero-day vulnerability allowing unauthenticated attackers to escape the VFS and retrieve system files.
The post CrushFTP Patches Exploited Zero-Day Vulnerability appeared first on SecurityWeek.
Shadowserver has identified roughly 6,000 internet-accessible Palo Alto Networks firewalls potentially vulnerable to CVE-2024-3400.
The post Thousands of Palo Alto Firewalls Potentially Impacted by Exploited Vulnerability appeared first on SecurityWeek.
Microsoft warns that several OpenMetadata vulnerabilities are being exploited to deploy cryptomining malware to Kubernetes environments.
The post OpenMetadata Vulnerabilities Exploited to Abuse Kubernetes Clusters for Cryptomining appeared first on SecurityWeek.
Palo Alto Networks firewall vulnerability CVE-2024-3400 increasingly exploited after PoC code has been released.
The post Exploitation of Palo Alto Firewall Vulnerability Picking Up After PoC Release appeared first on SecurityWeek.
Palo Alto Networks has started releasing hotfixes for the firewall zero-day CVE-2024-3400, which some have linked to North Korea’s Lazarus.
The post Palo Alto Networks Releases Fixes for Firewall Zero-Day as First Attribution Attempts Emerge appeared first on SecurityWeek.
A state-sponsored threat actor has been exploiting a zero-day in Palo Alto Networks firewalls for the past two weeks.
The post State-Sponsored Hackers Exploit Zero-Day to Backdoor Palo Alto Networks Firewalls appeared first on SecurityWeek.