Security News

CISA tags Progress Kemp LoadMaster flaw as exploited in attacks
2024-11-19 21:18

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added three new flaws in its Known Exploited Vulnerabilities (KEV) catalog, including a critical OS command injection impacting...

Progress Software Releases Patches for 6 Flaws in WhatsUp Gold – Patch Now
2024-09-27 15:44

Progress Software has released another round of updates to address six security flaws in WhatsUp Gold, including two critical vulnerabilities. The issues, the company said, have been resolved in...

Progress urges admins to patch critical WhatsUp Gold bugs ASAP
2024-09-27 12:01

Progress Software warned customers to patch multiple critical and high-severity vulnerabilities in its WhatsUp Gold network monitoring tool as soon as possible. [...]

Progress WhatsUp Gold Exploited Just Hours After PoC Release for Critical Flaw
2024-09-13 11:04

Malicious actors are likely leveraging publicly available proof-of-concept (PoC) exploits for recently disclosed security flaws in Progress Software WhatsUp Gold to conduct opportunistic attacks....

Progress Software Issues Patch for Vulnerability in LoadMaster and MT Hypervisor
2024-09-09 09:24

Progress Software has released security updates for a maximum-severity flaw in LoadMaster and Multi-Tenant (MT) hypervisor that could result in the execution of arbitrary operating system...

Progress LoadMaster vulnerable to 10/10 severity RCE flaw
2024-09-08 14:11

Progress Software has issued an emergency fix for a maximum (10/10) severity vulnerability impacting its LoadMaster and LoadMaster Multi-Tenant (MT) Hypervisor products that allows attackers to...

Critical Progress WhatsUp RCE flaw now under active exploitation
2024-08-07 15:34

Threat actors are actively attempting to exploit a recently fixed Progress WhatsUp Gold remote code execution vulnerability on exposed servers for initial access to corporate networks. [...]

Progress discloses second critical flaw in Telerik Report Server in as many months
2024-07-26 13:32

Progress Software's latest security advisory warns customers about the second critical vulnerability targeting its Telerik Report Server in as many months. Some of you may remember CVE-2019-18935, another deserialization of untrusted data vulnerability affecting Telerik UI for ASP.NET AJAX. It was used by multiple attackers including an unspecified Advanced Persistent Threat group to successfully target US federal agencies in 2023, despite being added to CISA's Known Exploited Vulnerability catalog in 2021.

Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327)
2024-07-26 06:39

Progress Software has fixed a critical vulnerability in its Telerik Report Server solution and is urging users to upgrade as soon as possible. Telerik Report Server is an enterprise solution for storing, creating, managing and viewing reports in web and desktop applications.

Progress warns of critical RCE bug in Telerik Report Server
2024-07-25 15:46

Progress Software has warned customers to patch a critical remote code execution security flaw in the Telerik Report Server that can be used to compromise vulnerable devices. As a server-based reporting platform, Telerik Report Server provides centralized storage for reports and the tools needed to create, deploy, deliver, and manage them across an organization.