September 27, 2024 at 12:42PM Progress Software has addressed six security flaws in WhatsUp Gold, including two critical vulnerabilities, through updates in version 24.0.1. The CVE identifiers for the flaws and their respective CVSS scores have been listed. Security researcher Sina Kheirkhah and others have been credited with discovering and reporting the flaws. Users are … Read more
April 12, 2024 at 07:36AM The recently disclosed D-Link NAS device vulnerabilities, assigned 2 identifiers, are being exploited, prompting D-Link to urge customers to replace affected devices. Exploitation attempts increased to 140 unique IPs, and Shadowserver Foundation reported seeing over 150 IPs attempting to exploit the vulnerabilities. GreyNoise reported roughly 5,500 impacted devices, while Shadowserver … Read more
April 9, 2024 at 06:06AM An unpatched vulnerability affecting D-Link NAS devices (CVE-2024-3273) is being exploited in the wild. The vulnerability allows unauthenticated attackers to execute arbitrary commands, potentially leading to information theft or system configuration alteration. D-Link confirmed affected models, with exploitation attempts already observed. CISA is aware of 16 D-Link product vulnerabilities exploited … Read more
March 19, 2024 at 06:18AM Hackers are targeting a recently patched Aiohttp vulnerability, potentially affecting thousands of servers globally. A Shodan search reveals over 70,000 instances, with notable exposure in the US, China, and Germany. Cyble’s scanner identified 43,000 exposed instances, with high percentages in the US and Europe. Exploitation attempts have been observed, including … Read more
February 19, 2024 at 12:56PM Hackers are exploiting a critical remote code execution flaw in the Bricks Builder Theme, allowing them to run malicious PHP code on vulnerable sites. A fix in version 1.9.6.1 was released on February 13 to address the vulnerability (CVE-2024-25600). Active exploitation attempts began on February 14, with specific IP addresses … Read more
January 22, 2024 at 11:06AM Attempts to exploit a critical Atlassian Confluence vulnerability, CVE-2023-22527, began shortly after its disclosure. Out-of-date versions of Confluence Data Center and Server are affected, allowing unauthenticated attackers to achieve remote code execution. The Shadowserver Foundation reported 40,000 exploitation attempts, highlighting widespread activity and the ongoing risk to vulnerable servers. Based … Read more
January 22, 2024 at 08:45AM Security researchers detect exploitation attempts for the critical CVE-2023-22527 vulnerability affecting older Atlassian Confluence servers, potentially exposing them to remote code execution. Atlassian provides fixes for affected versions and reports multiple attempts to exploit the flaw, mainly from Russian IP addresses. Server administrators are advised to update to a secure … Read more
January 8, 2024 at 12:50PM SonicWall has observed thousands of daily exploitation attempts targeting the Apache OFBiz zero-day vulnerability. The severity is near-maximum, with a 9.8 rating, allowing attackers to bypass authentication and execute arbitrary code. They urge immediate upgrading to OFBiz version 18.12.11 to address this and another equally serious vulnerability. Apache OFBiz has … Read more
December 15, 2023 at 06:42AM Threat actors are exploiting a critical remote code execution flaw in internet-accessible Apache Struts 2 instances. Tracked as CVE-2023-50164, the bug allows attackers to manipulate file upload parameters and upload malicious files, resulting in RCE. Despite widespread exploitation attempts, scaling the attack is challenging. Users of affected Struts versions are … Read more