Hackers are exploiting critical bug in LiteSpeed Cache plugin

August 23, 2024 at 01:32AM Hackers are exploiting a critical vulnerability in LiteSpeed Cache, a WordPress plugin for speeding up response times, just one day after the technical details were made public. Based on the meeting notes, it is imperative to take immediate action to address the critical severity vulnerability in LiteSpeed Cache, a WordPress …

RansomHub Rolls Out Brand-New, EDR-Killing BYOVD Binary

August 16, 2024 at 01:18PM The utility gains privilege escalation and the ability to disable endpoint protection software by using a public exploit after loading a vulnerable driver. Based on the meeting notes, it appears that the discussion revolved around the use of a vulnerable driver to gain the ability to disable endpoint protection software …

Hackers Target Vulnerability Found Recently in Long-Discontinued D-Link Routers

July 1, 2024 at 08:21AM Attackers are targeting a critical vulnerability (CVE-2024-0769) in discontinued D-Link DIR-859 WiFi routers, enabling remote exploitation without authentication and leaking sensitive information. A published exploit has already been observed in the wild, and mass exploitation is anticipated. D-Link urges owners to replace these devices, as they are no longer receiving …

Recent SolarWinds Serv-U Vulnerability Exploited in the Wild

June 21, 2024 at 09:21AM Threat actors are exploiting a recently patched SolarWinds Serv-U vulnerability (CVE-2024-28995) using public proof-of-concept code, as reported by GreyNoise. The vulnerability allows unauthorized access to sensitive files on the host machine. Rapid7 published a technical writeup on successfully exploiting the issue, warning of its trivial exploitability. SolarWinds customers are urged …

7-year-old Oracle WebLogic bug under active exploitation

June 6, 2024 at 06:44AM CISA added the 7-year-old Oracle vulnerability CVE-2017-3506 to its KEV catalog due to ongoing exploitation by Chinese cybercriminals. Recent research by Trend Micro found Water Sigbin leveraging this vulnerability to deploy cryptocurrency miners and evade detection. Patching is an issue, with Oracle potentially planning a special patch release due to …

CISA Warns of Exploited Linux Kernel Vulnerability

May 31, 2024 at 07:36AM CISA warns of active exploitation of Linux kernel vulnerability CVE-2024-1086, enabling local attackers to elevate privileges. Affected versions range from 5.14 to 6.6, potentially impacting all versions since 3.15. Various distributions are confirmed affected, with potential for more. Proof-of-concept code has been published, and successful exploitation may lead to arbitrary …

Exploit released for maximum severity Fortinet RCE bug, patch now

May 28, 2024 at 12:25PM Security researchers have released a proof-of-concept (PoC) exploit for a critical vulnerability in Fortinet’s FortiSIEM solution, impacting versions 6.4.0 and higher. Tracked as CVE-2024-23108, the flaw enables remote command execution as root without authentication. This PoC exploit could allow attackers to execute unauthorized commands and must be addressed promptly to …

New Chrome Zero-Day Vulnerability CVE-2024-4761 Under Active Exploitation

May 14, 2024 at 10:39AM Google has released emergency fixes for a high-severity zero-day flaw in the Chrome web browser (CVE-2024-4761) actively exploited in the wild. The vulnerability affects the V8 JavaScript and WebAssembly engine and could allow data corruption, crashes, or execution of arbitrary code. Google urges users to upgrade to Chrome version 124.0.6367.207/.208 …

Google Patches Second Chrome Zero-Day in One Week

May 14, 2024 at 07:40AM Google has patched a second zero-day vulnerability, CVE-2024-4761, in Chrome just days after fixing CVE-2024-4671. Both flaws were exploited in attacks, with CVE-2024-4761 described as a high-severity issue. An anonymous researcher reported the vulnerability, and an exploit for it has been developed, but its effectiveness is unknown. Eight zero-days targeted …

NHS Digital hints at exploit sightings of Arcserve UDP vulnerabilities

May 14, 2024 at 05:36AM The UK’s NHS warns that vulnerabilities in Arcserve Unified Data Protection software are likely being actively exploited. Despite not disclosing any specific data, NHS strongly encourages organizations to apply patches as outlined in Arcserve’s advisory. Critical vulnerabilities include authentication bypass and path traversal, posing risks of data theft, ransomware attacks, …