Dangerous Apache ActiveMQ Exploit Allows Stealthy EDR Bypass

November 16, 2023 at 05:50PM A new proof-of-concept (PoC) exploit for a critical security vulnerability in Apache ActiveMQ allows threat actors to achieve remote code execution (RCE) on vulnerable servers. Despite a patch being available, numerous organizations remain exposed, with the HelloKitty ransomware gang taking advantage. Researchers at VulnCheck have developed a more sophisticated exploit …

Another month, another bunch of fixes for Microsoft security bugs exploited in the wild

November 14, 2023 at 07:42PM Microsoft’s November Patch Tuesday fixes around 60 vulnerabilities, including three that have already been exploited. These include privilege-escalation vulnerabilities in Windows Desktop Manager and Windows Cloud Files Mini Filter Driver, as well as a security feature bypass flaw in Windows Defender SmartScreen. Additionally, Adobe patched 76 vulnerabilities across its products, …

Attackers Exploiting Critical F5 BIG-IP Vulnerability

October 31, 2023 at 11:51AM Hackers are actively exploiting a critical vulnerability in F5’s BIG-IP product, just five days after its disclosure. The flaw allows for remote code execution and unauthorized access. F5 has released hotfixes and is urging customers to install them immediately. Attackers are also exploiting another vulnerability in BIG-IP’s configuration utility. F5 …

As Citrix Urges Its Clients to Patch, Researchers Release an Exploit

October 25, 2023 at 04:08PM A critical security update has been released for the Citrix NetScaler vulnerability, but an exploit is also available. The exploit is simpler to use and allows attackers to read session tokens and gain access to environments. Patching may not be enough as hijacked sessions can persist even after applying patches. …

Pro-Russia group exploits Roundcube zero-day in attacks on European government emails

October 25, 2023 at 12:50PM The Winter Vivern cyber spy group has targeted European governments by exploiting an XSS zero-day vulnerability in the Roundcube webmail client. The group, linked to Russia and Belarus, used a convincing phishing email to launch a malicious payload, allowing them to access victims’ Roundcube accounts. Researchers warn that the group’s …

Citrix Bleed exploit lets hackers hijack NetScaler accounts

October 25, 2023 at 11:30AM A proof-of-concept exploit has been released for the ‘Citrix Bleed’ vulnerability (CVE-2023-4966) allowing attackers to retrieve authentication session cookies from vulnerable Citrix NetScaler ADC and NetScaler Gateway appliances. The vulnerability was previously abused as a zero-day in limited attacks and Citrix has urged administrators to patch the flaw immediately. The …

Three Months After Patch, Gov-Backed Actors Exploiting WinRAR Flaw

October 18, 2023 at 01:48PM Google’s Threat Analysis Group has found that government-backed hacking groups from Russia and China are still using a security flaw in the WinRAR file archiving utility, despite patches being released three months ago. The vulnerability, which allows attackers to execute code, has been known since at least April and is …

Calls for Visual Studio security tweak fall on deaf ears despite one-click RCE exploit

October 13, 2023 at 11:38AM A single-click exploit has raised concerns about the security of Microsoft’s Visual Studio IDE once again. Developed by security researcher Zhiniang Peng, the exploit takes advantage of the default implementation of the IDE’s “trusted locations” feature. Peng argues that enabling this feature by default would protect users from potential attacks, …

Adobe Acrobat Reader Vuln Now Under Attack

October 11, 2023 at 02:20PM The Cybersecurity and Infrastructure Security Agency (CISA) has added an Adobe Acrobat Reader bug to its list of exploited vulnerabilities. The bug (CVE-2023-21608) exists in multiple versions of Adobe Acrobat and Reader and allows remote execution of malicious code. CISA advises users to update their software, which was patched in …

U.S. Cybersecurity Agency Warns of Actively Exploited Adobe Acrobat Reader Vulnerability

October 11, 2023 at 08:54AM The US Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity flaw in Adobe Acrobat Reader to its Known Exploited Vulnerabilities catalog. The vulnerability, tracked as CVE-2023-21608, is a use-after-free bug that allows for remote code execution. Adobe released a patch for the flaw in January 2023, but details …