July 29, 2024 at 01:25PM Cybersecurity company Acronis warns of a critical security flaw, CVE-2023-45249, in its Cyber Infrastructure product, allowing remote code execution due to default passwords. Versions 5.0.1-61 to 5.4.4-132 are affected, with updates released in late October 2023. The exploit has been observed in the wild, urging affected users to update for … Read more
June 27, 2024 at 03:36AM A critical security flaw, tracked as CVE-2024-5276, has been disclosed in Fortra FileCatalyst Workflow, allowing attackers to tamper with the application database. The vulnerability, with a CVSS score of 9.8, impacts versions 5.1.6 Build 135 and earlier, but has been addressed in version 5.1.6 build 139. Tenable released a proof-of-concept … Read more
February 12, 2024 at 10:48AM South Korean researchers discovered and publicly disclosed a flaw in Rhysida ransomware, enabling the creation of a free Windows decryptor. This ransomware is known for targeting healthcare organizations and was the subject of a warning by the FBI and CISA for attacks against various industries. The flaw allowed for the … Read more