#XynikITServices

SolarWinds: Critical RCE Bug Requires Urgent Patch

by

August 15, 2024 at 03:15PM SolarWinds advises customers to patch a critical CVE-2024-28986 vulnerability in its Web Help Desk platform, a Java deserialization RCE flaw. If exploited, attackers can run commands on the host machine. The software vendor recommends immediate patch application, urging all versions to be upgraded to 12.8.3 and the hotfix installed. Based … Read more

CVE-2023-46604 (Apache ActiveMQ) Exploited to Infect Systems With Cryptominers and Rootkits

by

November 20, 2023 at 04:16AM The Apache ActiveMQ vulnerability CVE-2023-46604 is being actively exploited by threat actors to download and infect Linux systems with the Kinsing malware and cryptocurrency miner. The vulnerability allows remote code execution, which Kinsing utilizes to install malware. Users are advised to upgrade their ActiveMQ versions to address the issue. The … Read more