November 22, 2023 at 07:12AM Authorities in Australia, the US, and tech company Citrix have issued warnings about a critical vulnerability in the NetScaler product. Dubbed CitrixBleed, the bug allows information disclosure and affects Netscaler ADC and Gateway appliances configured as a gateway or AAA server. The flaw, which has been exploited since August and … Read more
November 4, 2023 at 12:30PM An Apache ActiveMQ vulnerability, CVE-2023-46604, was exploited maliciously prior to patch releases, according to Huntress. Thousands of vulnerable internet-exposed instances are still at risk. Evidence suggests the exploitation began as a zero-day on October 10, with attackers attempting to deliver HelloKitty ransomware. Users are urged to update ActiveMQ to versions … Read more
October 25, 2023 at 12:50PM The Winter Vivern cyber spy group has targeted European governments by exploiting an XSS zero-day vulnerability in the Roundcube webmail client. The group, linked to Russia and Belarus, used a convincing phishing email to launch a malicious payload, allowing them to access victims’ Roundcube accounts. Researchers warn that the group’s … Read more
October 24, 2023 at 03:03PM Kaspersky has released a report detailing the iOS zero-click attacks it suffered. Dubbed ‘Operation Triangulation’, the attacks used malicious iMessage attachments to exploit a zero-day vulnerability and deploy spyware named TriangleDB. The attackers implemented stealth techniques to avoid detection, including using two validators to collect device information and ensure the … Read more
October 16, 2023 at 03:13PM A critical vulnerability in Royal Elementor Addons and Templates up to version 1.3.78 is being actively exploited by hackers. The flaw, tracked as CVE-2023-5360, allows unauthenticated attackers to upload arbitrary files and potentially achieve remote code execution, compromising the websites. Two WordPress security firms have reported a significant increase in … Read more
October 16, 2023 at 11:52AM Cisco has warned administrators about a severe zero-day vulnerability in its IOS XE Software that allows attackers to gain full control of affected routers. The vulnerability, identified as CVE-2023-20198, only affects devices with the Web User Interface feature enabled and the HTTP or HTTPS Server feature toggled on. Cisco advises … Read more
October 11, 2023 at 03:40PM China-sponsored APT Storm-0062 is responsible for exploiting a critical bug in Atlassian Confluence Server, according to Microsoft. Proof-of-concept exploits are now available, indicating potential mass exploitation. The vulnerability (CVE-2023-22515) allows remote code execution without authentication. Microsoft identified four IP addresses associated with the exploit and warned of the creation of … Read more
October 11, 2023 at 10:35AM A Chinese-backed threat group, known as Storm-0062 or DarkShadow, has been exploiting a zero-day vulnerability in Atlassian Confluence Data Center and Server since September 2023. Microsoft has shared more information about the group’s involvement and identified four offending IP addresses. The vulnerability allows the group to create arbitrary administrator accounts. … Read more
October 11, 2023 at 06:42AM The US Cybersecurity and Infrastructure Security Agency (CISA) has added five security vulnerabilities to its Known Exploited Vulnerabilities catalog. These include an Adobe Acrobat and Reader flaw that can be exploited for remote code execution, an out-of-bounds write flaw in Cisco IOS and IOS XE, two zero-days impacting Skype for … Read more
October 11, 2023 at 03:12AM Microsoft has released its October 2023 Patch Tuesday updates, addressing 103 flaws, two of which are actively being exploited. Among the vulnerabilities are information disclosure in Microsoft WordPad and privilege escalation in Skype for Business. Microsoft also fixed flaws in Microsoft Message Queuing and Layer 2 Tunneling Protocol. Additionally, Microsoft … Read more