Microsoft fixes Outlook zero-day used by Russian hackers since April 2022
Microsoft has patched an Outlook zero-day vulnerability (CVE-2023-23397) exploited by a hacking group linked to Russia's military intelligence service GRU to…
Fortinet warns of new critical unauthenticated RCE vulnerability
Fortinet has disclosed a "Critical" vulnerability impacting FortiOS and FortiProxy, which allows an unauthenticated attacker to execute arbitrary code or…
Aruba Networks fixes six critical vulnerabilities in ArubaOS
Aruba Networks published a security advisory to inform customers about six critical-severity vulnerabilities impacting multiple versions of ArubaOS, its proprietary…
Hackers now exploit critical Fortinet bug to backdoor servers
Threat actors are targeting Internet-exposed Fortinet appliances with exploits targeting CVE-2022-39952, an unauthenticated file path manipulation vulnerability in the FortiNAC webserver that…
VMware warns admins of critical Carbon Black App Control flaw
VMware has released a critical security upgrade to address a critical injection vulnerability that impacts several versions of Carbon Black…
GoAnywhere MFT zero-day vulnerability lets hackers breach servers
The developers of the GoAnywhere MFT file transfer solution are warning customers of zero-day remote code execution vulnerability on exposed…
Cisco fixes bug allowing backdoor persistence between reboots
Cisco has released security updates this week to address a high-severity vulnerability in the Cisco IOx application hosting environment that…
Hackers exploit Cacti critical bug to install malware, open reverse shells
More than 1,600 instances of the Cacti device monitoring tool reachable over the internet are vulnerable to a critical security…
Microsoft: Cuba ransomware hacking Exchange servers via OWASSRF flaw
Microsoft says Cuba ransomware threat actors are hacking their way into victims' networks via Microsoft Exchange servers unpatched against a critical…
Cisco warns of auth bypass bug with public exploit in EoL routers
Cisco warned customers today of a critical authentication bypass vulnerability with public exploit code affecting multiple end-of-life (EoL) VPN routers.…