CISA tags NAKIVO backup flaw as actively exploited in attacks
CISA has warned U.S. federal agencies to secure their networks against attacks exploiting a high-severity vulnerability in NAKIVO's Backup &…
Critical Cisco Smart Licensing Utility flaws now exploited in attacks
Attackers have started targeting Cisco Smart Licensing Utility (CSLU) instances unpatched against a vulnerability exposing a built-in backdoor admin account.…
Salt Typhoon Exploits Cisco Devices in Telco Infrastructure
The China-sponsored state espionage group has exploited known, older bugs in Cisco gear for successful cyber intrusions on six continents…
Zyxel won’t patch newly exploited flaws in end-of-life routers
Zyxel has issued a security advisory about actively exploited flaws in CPE Series devices, warning that it has no plans…
UK domain registry Nominet confirms breach via Ivanti zero-day
Nominet, the official .UK domain registry and one of the largest country code registries, has confirmed that its network was…
China’s UNC5337 Exploits a Critical Ivanti RCE Bug, Again
New year, same story. Despite Ivanti's commitment to secure-by-design principles, Chinese threat actors are exploiting its edge devices for the…
Threat Actors Exploit a Critical Ivanti RCE Bug, Again
New year, same story. Despite Ivanti's commitment to secure-by-design principles, threat actors — possibly the same ones as before —…
Protect SAP Supply Chains by Preventing Cyber Attacks
Highly advanced and extremely dangerous cyberattacks are targeting SAP (from the company originally called “System Analysis Program” Development) software supply…
Ivanti warns of maximum severity CSA auth bypass vulnerability
Ivanti warned customers on Tuesday about a new maximum-severity authentication bypass vulnerability in its Cloud Services Appliance (CSA) solution. [...]
Critical RCE bug in VMware vCenter Server now exploited in attacks
Broadcom warned today that attackers are now exploiting two VMware vCenter Server vulnerabilities, one of which is a critical remote…