March 7, 2024 at 11:12AM AnyCubic addressed a zero-day vulnerability by releasing new Kobra 2 firmware, fixing an exploit that printed security warnings on 3D printers worldwide. The company strengthened security measures and plans to implement further updates. Despite apologizing for the incident, AnyCubic has not explained the previous lack of response to security researchers’ … Read more
February 26, 2024 at 10:21AM A critical SQL injection vulnerability in the Ultimate Member WordPress plugin with 200,000 installations allowed unauthenticated attackers to extract sensitive data by appending SQL queries. The flaw, tracked as CVE-2024-1071, was assigned a CVSS score of 9.8. The issue was resolved in the Ultimate Member version 2.8.3 on February 19. … Read more
February 19, 2024 at 12:56PM Hackers are exploiting a critical remote code execution flaw in the Bricks Builder Theme, allowing them to run malicious PHP code on vulnerable sites. A fix in version 1.9.6.1 was released on February 13 to address the vulnerability (CVE-2024-25600). Active exploitation attempts began on February 14, with specific IP addresses … Read more
February 9, 2024 at 09:38AM Summary: Fortinet faced a series of security vulnerabilities impacting FortiOS, including a critical SSL VPN issue. Users were urged to upgrade to patched versions, with specific guidelines for affected FortiOS versions. Fortinet’s delayed and confusing response to vulnerability disclosures drew criticism. Additionally, an unusual incident involving a toothbrush DDoS attack … Read more
February 7, 2024 at 01:33PM JetBrains has issued a security patch for a critical vulnerability in its TeamCity On-Premises server, which could be exploited by remote attackers to gain control over the server. This impacts all versions from 2017.1 to 2023.11.2. Users are urged to update to the patched version or install a security patch … Read more
January 22, 2024 at 08:45AM Security researchers detect exploitation attempts for the critical CVE-2023-22527 vulnerability affecting older Atlassian Confluence servers, potentially exposing them to remote code execution. Atlassian provides fixes for affected versions and reports multiple attempts to exploit the flaw, mainly from Russian IP addresses. Server administrators are advised to update to a secure … Read more
January 19, 2024 at 07:15PM Chinese cyberspies have been exploiting a VMware security vulnerability, CVE-2023-34048, allowing them to hijack vulnerable servers. Meanwhile, a Moscow-backed group breached a small percentage of Microsoft corporate email accounts. Additionally, CISA issued an emergency directive to mitigate Ivanti Connect Secure zero-days, likely targeted by Chinese nation-state attackers. Persistent concerns exist … Read more
January 12, 2024 at 12:40PM Juniper Networks has addressed a critical pre-auth remote code execution vulnerability affecting SRX Series firewalls and EX Series switches, tracked as CVE-2024-21591. Vulnerable Junos OS versions are listed, and admins are urged to apply security updates or disable the J-Web interface. CISA also warned of a previous exploit on Juniper … Read more
January 5, 2024 at 12:38PM Security researchers have identified critical vulnerabilities, CVE-2023-33246 and CVE-2023-37582, in Apache RocketMQ. Despite an initial patch, these vulnerabilities remain active, impacting the NameServer component in RocketMQ version 5.1 and older. Attackers can exploit these flaws to execute commands and should upgrade to version 5.1.2/4.9.7 or higher to prevent attacks. ShadowServer … Read more
December 21, 2023 at 09:20AM Sonatype reports low adoption of fixed versions of Struts 2 despite a critical RCE vulnerability (CVE-2023-50164) in the framework’s file upload feature. The fix is simple: use updated Struts versions. With active exploitation and ease of automatable attacks, Sonatype urges immediate upgrades to mitigate potential risks and emphasizes vigilant maintenance … Read more