Exploited Vulnerability Could Impact 20k Internet-Exposed VMware ESXi Instances

August 1, 2024 at 09:18AM Around 20,000 unpatched VMware ESXi servers, vulnerable to CVE-2024-37085 (CVSS 6.8), are accessible on the internet. The flaw allows threat actors full access, with ransomware groups like Storm-0506 and Octo Tempest exploiting it. The flaw enables administrative control over hypervisors, risking file encryption, VM access, and lateral movement within networks. Urgent …

Threat Actors Exploit Fresh ServiceNow Vulnerabilities in Attacks

July 26, 2024 at 08:27AM Threat actors are exploiting critical vulnerabilities in ServiceNow, including input validation flaws and a file read security defect, targeting vulnerable instances for reconnaissance. Approximately 300,000 instances are susceptible to probing, with threat actors attempting to extract data from private sector and government agencies worldwide. ServiceNow urged customers to apply patches and hotfixes …

State-Sponsored Hackers Exploit Zero-Day to Backdoor Palo Alto Networks Firewalls

April 12, 2024 at 04:48PM A zero-day vulnerability (CVE-2024-3400) in Palo Alto Networks firewalls has been exploited by threat actor ‘UTA0218’ for over two weeks. The issue permits unauthorized execution of code with root privileges. Palo Alto is expected to release patches by April 14. Organizations are urged to take immediate mitigation steps and be …

Zero-Day Flaw in Zimbra Email Software Exploited by Four Hacker Groups

November 16, 2023 at 11:48AM A zero-day flaw in the Zimbra Collaboration email software was exploited by four different groups, resulting in the theft of email data, user credentials, and authentication tokens. The flaw, tracked as CVE-2023-37580, allowed the execution of malicious scripts by tricking users into clicking on a specially crafted URL. The attacks …