SEXi Ransomware Desires VMware Hypervisors in Ongoing Campaign
A Babuk variant has been involved in at least four attacks on VMware EXSi servers in the last six weeks,…
Exploit released for Fortinet RCE bug used in attacks, patch now
Security researchers have released a proof-of-concept (PoC) exploit for a critical vulnerability in Fortinet's FortiClient Enterprise Management Server (EMS) software,…
Black Basta, Bl00dy ransomware gangs join ScreenConnect attacks
The Black Basta and Bl00dy ransomware gangs have joined widespread attacks targeting ScreenConnect servers unpatched against a maximum severity authentication…
CISA: Roundcube email server bug now exploited in attacks
CISA warns that a Roundcube email server vulnerability patched in September is now actively exploited in cross-site scripting (XSS) attacks.…
Ivanti: Patch new Connect Secure auth bypass bug immediately
Today, Ivanti warned of a new authentication bypass vulnerability impacting Connect Secure, Policy Secure, and ZTA gateways, urging admins to…
Ivanti warns of new Connect Secure zero-day exploited in attacks
Today, Ivanti warned of two more vulnerabilities impacting Connect Secure, Policy Secure, and ZTA gateways, one of them a zero-day…
Ivanti: VPN appliances vulnerable if pushing configs after mitigation
Ivanti warned admins to stop pushing new device configurations to appliances after applying mitigations because this will leave them vulnerable…
Researchers link 3AM ransomware to Conti, Royal cybercrime gangs
Security researchers analyzing the activity of the recently emerged 3AM ransomware operation uncovered close connections with infamous groups, such as…
CISA emergency directive: Mitigate Ivanti zero-days immediately
CISA issued this year's first emergency directive ordering Federal Civilian Executive Branch (FCEB) agencies to immediately mitigate two Ivanti Connect…
VMware confirms critical vCenter flaw now exploited in attacks
VMware has confirmed that a critical vCenter Server remote code execution vulnerability patched in October is now under active exploitation.…