Security News
The maintainers of the open-source continuous integration/continuous delivery and deployment (CI/CD) automation software Jenkins have resolved nine security flaws, including a critical bug that,...
Blind spots and critical vulnerabilities are worsening, with 45% of critical CVEs remaining unpatched. The educational services industry has a significantly higher percentage of servers with unpatched weaponised Common Vulnerabilities and Exposures (CVEs), compared to the general average of 10%. Industries still using end-of-life (EoL) or end-of-support (EoS) operating systems that are no longer actively supported or patched for vulnerabilities and security issues by the manufacturer: educational services, retail trade, healthcare, manufacturing and public administration.
Horizon3's exploit takes advantage of age-old path traversal weaknesses in Tomcat-based applications where requests to vulnerable endpoints that contain /.;/ allow attackers to access forbidden pages, such as the admin account creation page in GoAnywhere MFT. If remote attackers exploit the same path traversal technique when submitting the form to create a new admin user, the account will be created, giving the bad guys admin privileges. Zach Hanley, chief attack engineer at Horizon3, said the clearest indicator of compromise would be noticing any new additions to the Admin Users group in the GoAnywhere MFT admin portal.
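As an added detection example (not code from the article or from Horizon3), the Python check below scans Tomcat-style access-log lines for request paths carrying the /.;/ segment described above, and also catches percent-encoded and path-parameter variants of it. The log lines and the admin path in them are constructed placeholders, not real GoAnywhere endpoints.

```python
import re
from urllib.parse import unquote

# Constructed sample lines in common log format (not from the article).
# Line 1 is benign; lines 2 and 3 carry the /.;/ traversal, the third one
# percent-encoded. "/admin-page-placeholder" stands in for any forbidden page.
SAMPLE_LOG = """\
10.0.0.5 - - [22/Jan/2024:10:01:02 +0000] "GET /goanywhere/auth/Login.xhtml HTTP/1.1" 200 5120
10.0.0.9 - - [22/Jan/2024:10:01:07 +0000] "GET /goanywhere/.;/admin-page-placeholder HTTP/1.1" 200 8011
10.0.0.9 - - [22/Jan/2024:10:01:09 +0000] "POST /goanywhere/%2e;/admin-page-placeholder HTTP/1.1" 302 0
"""

# Extracts method and request target from the quoted request part of a line.
LOG_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')


def has_dot_semicolon_traversal(target: str) -> bool:
    """True if a path segment is '.' followed by a ';' path parameter (the /.;/ trick).

    Tomcat strips ';...' path parameters from each segment and then normalises
    '/./', so '/.;/' and its decoded forms collapse to '/' and slip past
    prefix-based access rules. We decode once, as Tomcat does, then inspect
    each segment before the ';'."""
    path = unquote(target.split('?', 1)[0])
    for seg in path.split('/'):
        if ';' in seg and seg.split(';', 1)[0] == '.':
            return True
    return False


def find_traversal_requests(log_text: str) -> list[dict]:
    """Return one record per log line whose request target uses the traversal."""
    hits = []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        m = LOG_RE.search(line)
        if m and has_dot_semicolon_traversal(m['target']):
            hits.append({'line': lineno, 'method': m['method'], 'target': m['target']})
    return hits


if __name__ == '__main__':
    for hit in find_traversal_requests(SAMPLE_LOG):
        print(f"line {hit['line']}: {hit['method']} {hit['target']}")
```

Pair a hit from this check with a review of the Admin Users group in the GoAnywhere MFT admin portal, the indicator Horizon3 points to.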
A critical security flaw has been disclosed in Fortra's GoAnywhere Managed File Transfer (MFT) software that could be abused to create a new administrator user. Tracked as CVE-2024-0204, the issue...
Fortra is warning of a new authentication bypass vulnerability impacting GoAnywhere MFT versions before 7.4.1 that allows an attacker to create a new admin user. GoAnywhere MFT is used by organizations worldwide to securely transfer files with customers and business partners.
Malicious actors have begun to actively exploit a recently disclosed critical security flaw impacting Atlassian Confluence Data Center and Confluence Server, within three days of public...
Apple on Monday released security updates for iOS, iPadOS, macOS, tvOS, and Safari web browser to address a zero-day flaw that has come under active exploitation in the wild. The issue, tracked as...
Security researchers are observing exploitation attempts for the CVE-2023-22527 remote code execution vulnerability that affects outdated versions of Atlassian Confluence servers. Atlassian disclosed the security issue last week and noted that it impacts only Confluence versions released before December 5, 2023, along with some out-of-support releases.
VMware has confirmed that a critical vCenter Server remote code execution vulnerability patched in October is now under active exploitation. vCenter Server is a management platform for VMware vSphere environments that helps administrators manage ESX and ESXi servers and virtual machines.
CISA warns that a critical authentication bypass vulnerability in Ivanti's Endpoint Manager Mobile and MobileIron Core device management software is now under active exploitation. While it has yet to provide further details on CVE-2023-35082 active exploitation, CISA added the vulnerability to its Known Exploited Vulnerabilities Catalog based on evidence of active exploitation and says there's no evidence of abuse in ransomware attacks.