Security News

Patch Alert: Critical Apache Struts Flaw Found, Exploitation Attempts Detected
2024-12-18 13:36

Threat actors are attempting to exploit a recently disclosed security flaw impacting Apache Struts that could pave the way for remote code execution. The issue, tracked as CVE-2024-53677, carries...

CISA confirms critical Cleo bug exploitation in ransomware attacks
2024-12-13 21:24

CISA confirmed today that a critical remote code execution bug in Cleo Harmony, VLTrader, and LexiCom file transfer software is being exploited in ransomware attacks. [...]

Cleo File Transfer Vulnerability Under Exploitation – Patch Pending, Mitigation Urged
2024-12-10 15:57

Users of Cleo-managed file transfer software are being urged to ensure that their instances are not exposed to the internet following reports of mass exploitation of a vulnerability affecting...

CISA Warns of Active Exploitation of Flaws in Zyxel, ProjectSend, and CyberPanel
2024-12-05 05:09

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added multiple security flaws affecting products from Zyxel, North Grid Proself, ProjectSend, and CyberPanel to its Known Exploited...

Cisco Warns of Exploitation of Decade-Old ASA WebVPN Vulnerability
2024-12-03 12:51

Cisco on Monday updated an advisory to warn customers of active exploitation of a decade-old security flaw impacting its Adaptive Security Appliance (ASA). The vulnerability, tracked as...

The shocking speed of AWS key exploitation
2024-12-02 19:16

It’s no secret that developers often inadvertently expose AWS access keys online and we know that these keys are being scraped and misused by attackers before organizations get a chance to revoke...

Critical Flaw in ProjectSend Under Active Exploitation Against Public-Facing Servers
2024-11-27 16:05

A critical security flaw impacting the ProjectSend open-source file-sharing application has likely come under active exploitation in the wild, according to findings from VulnCheck. The...

Oracle Warns of Agile PLM Vulnerability Currently Under Active Exploitation
2024-11-20 04:24

Oracle is warning that a high-severity security flaw impacting the Agile Product Lifecycle Management (PLM) Framework has been exploited in the wild. The vulnerability, tracked as CVE-2024-21287...

Warning: VMware vCenter and Kemp LoadMaster Flaws Under Active Exploitation
2024-11-19 06:31

Now-patched security flaws impacting Progress Kemp LoadMaster and VMware vCenter Server have come under active exploitation in the wild, it has emerged. The U.S. Cybersecurity and Infrastructure...

PAN-OS Firewall Vulnerability Under Active Exploitation – IoCs and Patch Released
2024-11-16 08:21

Palo Alto Networks has released new indicators of compromise (IoCs) a day after the network security vendor confirmed that a zero-day vulnerability impacting its PAN-OS firewall management...