Zimbra RCE Vuln Under Attack Needs Immediate Patching
The bug gives attackers a way to run arbitrary code on affected servers and take control of them.
Progress urges admins to patch critical WhatsUp Gold bugs ASAP
Progress Software warned customers to patch multiple critical and high-severity vulnerabilities in its WhatsUp Gold network monitoring tool as soon…
CUPS flaws enable Linux remote code execution, but there’s a catch
Under certain conditions, attackers can chain a set of vulnerabilities in multiple components of the CUPS open-source printing system to…
Ivanti’s Cloud Service Appliance Attacked via Second Vuln
The critical bug, CVE-2024-8963, can be used in conjunction with the prior known flaw to achieve remote code execution (RCE).
Zero-Click MediaTek Bug Opens Phones, Wi-Fi to Takeover
Critical-rated CVE-2024-20017 allows remote code execution (RCE) on a range of phones and Wi-Fi access points from a variety of…
Zero-Click RCE Bug in macOS Calendar Exposes iCloud Data
A researcher bypassed the Calendar sandbox, Gatekeeper, and TCC in a chain attack that allowed for wanton theft of iCloud…
Broadcom fixes critical RCE bug in VMware vCenter Server
Broadcom has fixed a critical VMware vCenter Server vulnerability that attackers can exploit to gain remote code execution on unpatched servers via…
Exploit code released for critical Ivanti RCE flaw, patch now
A proof-of-concept (PoC) exploit for CVE-2024-29847, a critical remote code execution (RCE) vulnerability in Ivanti Endpoint Manager, is now publicly…
Ivanti warns high severity CSA flaw is now exploited in attacks
Ivanti confirmed on Friday that a high severity vulnerability in its Cloud Services Appliance (CSA) solution is now actively exploited…
Hackers targeting WhatsUp Gold with public exploit since August
Hackers have been leveraging publicly available exploit code for two critical vulnerabilities in the WhatsUp Gold network availability and performance monitoring…