Security News

CISA warned federal agencies today to secure Juniper devices on their networks by Friday against four vulnerabilities now used in remote code execution attacks as part of a pre-auth exploit chain. The alert comes one week after Juniper updated its advisory to notify customers that the flaws found in Juniper's J-Web interface have been successfully exploited in the wild.

The threat actor known as Lace Tempest has been linked to the exploitation of a zero-day flaw in SysAid IT support software in limited attacks, according to new findings from Microsoft. It has been patched by SysAid in version 23.3.36 of the software.

Second novel zero-day exploited by Lace Tempest this year offers notable demonstration of skill, especially for a ransomware affiliate The cybercriminals behind the rampant MOVEit exploits from...

The operators of the Kinsing malware are targeting cloud environments with systems vulnerable to "Looney Tunables," a Linux security issue identified as CVE-2023-4911 that allows a local attacker to gain root privileges on the system. In a report from cloud security company Aqua Nautilus, researchers describe a Kinsing malware attack where the threat actor exploited CVE-2023-4911 to elevate permissions on a compromised machine.

Atlassian warned admins that a public exploit is now available for a critical Confluence security flaw that can be used in data destruction attacks targeting Internet-exposed and unpatched instances. Tracked as CVE-2023-22518, this is an improper authorization vulnerability with a 9.1/10 severity rating affecting all versions of Confluence Data Center and Confluence Server software.

F5 is warning BIG-IP admins that devices are being breached by "Skilled" hackers exploiting two recently disclosed vulnerabilities to erase signs of their access and achieve stealthy code execution. F5 has observed threat actors using the two flaws in combination, so even applying the mitigation for CVE-2023-46747 could be enough to stop most attacks.

Public exploit code is now available for the critical Cisco IOS XE vulnerability tracked as CVE-2023-20198 that was leveraged as a zero-day to hack tens of thousands of devices. Cisco released patches for most releases of its IOS XE software but thousands of systems continue to be compromised, internet scans show.

A security researcher has published a proof-of-concept exploit for Wyze Cam v3 devices that opens a reverse shell and allows the takeover of vulnerable devices. Security researcher Peter Geissler recently discovered two flaws in the latest Wyze Cam v3 firmware that can be chained together for remote code execution on vulnerable devices.

A new ongoing campaign dubbed EleKtra-Leak has set its eyes on exposed Amazon Web Service (AWS) identity and access management (IAM) credentials within public GitHub repositories to facilitate...

ESET researcher Matthieu Faou has exposed a new cyberattack from a cyberespionage threat actor known as Winter Vivern, whose interests align with Russia and Belarus. The attack focuses on exploiting a zero-day vulnerability in Roundcube webmail, with the result being the ability to list folders and emails in Roundcube accounts and exfiltrate full emails to an attacker-controlled server.