Ivanti warns high severity CSA flaw is now exploited in attacks
Ivanti confirmed on Friday that a high severity vulnerability in its Cloud Services Appliance (CSA) solution is now actively exploited…
Hackers targeting WhatsUp Gold with public exploit since August
Hackers have been leveraging publicly available exploit code for two critical vulnerabilities in the WhatsUp Gold network availability and performance monitoring…
Adobe fixes Acrobat Reader zero-day with public PoC exploit
A cybersecurity researcher is urging users to upgrade Adobe Acrobat Reader after a fix was released yesterday for a remote…
Microsoft Discloses 4 Zero-Days in September Update
This month's Patch Tuesday contains a total of 79 vulnerabilities — the fourth largest of the year.
Ivanti fixes maximum severity RCE bug in Endpoint Management software
Ivanti has fixed a maximum severity vulnerability in its Endpoint Management software (EPM) that can let unauthenticated attackers gain remote…
Akira Ransomware Actors Exploit SonicWall Bug for RCE
CISA has added CE-2024-40766 to its Known Exploited Vulnerabilities catalog.
Apache fixes critical OFBiz remote code execution vulnerability
Apache has fixed a critical security vulnerability in its open-source OFBiz (Open For Business) software, which could allow attackers to…
Veeam warns of critical RCE flaw in Backup & Replication software
Veeam has released security updates for several of its products as part of a single September 2024 security bulletin that addresses…
D-Link says it is not fixing four RCE flaws in DIR-846W routers
D-Link is warning that four remote code execution (RCE) flaws impacting all hardware and firmware versions of its DIR-846W router…
North Korean hackers exploit Chrome zero-day to deploy rootkit
North Korean hackers have exploited a recently patched Google Chrome zero-day (CVE-2024-7971) to deploy the FudModule rootkit after gaining SYSTEM…