Over 1,400 CrushFTP servers vulnerable to actively exploited bug
Over 1,400 CrushFTP servers exposed online were found vulnerable to attacks currently targeting a critical severity server-side template injection (SSTI) vulnerability…
Over 1,400 CrushFTP servers exposed online were found vulnerable to attacks currently targeting a critical severity server-side template injection (SSTI) vulnerability…
Proof-of-concept exploit code has been released for a top-severity security vulnerability in Progress Flowmon, a tool for monitoring network performance…
Microsoft warns that the Russian APT28 threat group exploits a Windows Print Spooler vulnerability to escalate privileges and steal credentials…
BleepingComputer recently reported how a GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using…
The Forminator WordPress plugin used in over 500,000 sites is vulnerable to a flaw that allows malicious actors to perform unrestricted…
A GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with…
CrushFTP warned customers today in a private memo of an actively exploited zero-day vulnerability fixed in new versions released today,…
Approximately 22,500 exposed Palo Alto GlobalProtect firewall devices are likely vulnerable to the CVE-2024-3400 flaw, a critical command injection vulnerability…
Cisco has released patches for a high-severity Integrated Management Controller (IMC) vulnerability with public exploit code that can let local…
Delinea rolls out Secret Server SOAP API flaw fixes, while researcher claims the vendor ignored his findings for weeks.