Security News

ConnectWise fixes RCE bug exposing R1Soft backup servers to attacks
2022-10-28 22:30

ConnectWise has released security updates to address a critical vulnerability in the ConnectWise Recover and R1Soft Server Backup Manager secure backup solutions. Affected software versions include ConnectWise Recover or earlier and R1Soft SBM v6.16.3 or earlier.

Exploit released for critical VMware RCE vulnerability, patch now
2022-10-28 15:34

Proof-of-concept exploit code is now available for a pre-authentication remote code execution vulnerability allowing attackers to execute arbitrary code remotely with root privileges on unpatched Cloud Foundation and NSX Manager appliances. The flaw is in the XStream open-source library used by the two VMware products and was assigned an almost maximum CVSSv3 base score of 9.8/10 by VMware.

VMware Releases Patch for Critical RCE Flaw in Cloud Foundation Platform
2022-10-26 04:24

VMware on Tuesday shipped security updates to address a critical security flaw in its VMware Cloud Foundation product. "Due to an unauthenticated endpoint that leverages XStream for input serialization in VMware Cloud Foundation, a malicious actor can get remote code execution in the context of 'root' on the appliance," the company said in an advisory.

Apache Commons Text RCE flaw — Keep calm and patch away
2022-10-19 14:13

A remote code execution flaw in the open-source Apache Commons Text library has some people worried that it could turn into the next Log4Shell. However, most cybersecurity researchers say it is...

Critical RCE Vulnerability Discovered in Popular Cobalt Strike Hacking Software
2022-10-18 05:29

HelpSystems, the company behind the Cobalt Strike software platform, has released an out-of-band security update to address a remote code execution vulnerability that could allow an attacker to take control of targeted systems. Cobalt Strike is a commercial red-team framework that's mainly used for adversary simulation, but cracked versions of the software have been actively abused by ransomware operators and espionage-focused advanced persistent threat groups alike.

Aruba fixes critical RCE and auth bypass flaws in EdgeConnect
2022-10-12 16:18

Aruba has released security updates for the EdgeConnect Enterprise Orchestrator, addressing multiple critical severity vulnerabilities that enable remote attackers to compromise the host. Aruba EdgeConnect Orchestrator is a widely used WAN management solution, offering enterprise users optimization, administration, automation, and real-time visibility and monitoring features.

Researchers Detail Critical RCE Flaw Reported in Popular vm2 JavaScript Sandbox
2022-10-11 11:28

A now-patched security flaw in the vm2 JavaScript sandbox module could be abused by a remote adversary to break out of security barriers and perform arbitrary operations on the underlying machine. "A threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox," GitHub said in an advisory published on September 28, 2022.

Unpatched Zimbra RCE bug exploited by attackers (CVE-2022-41352)
2022-10-10 12:09

A still-unpatched vulnerability in Zimbra Collaboration is being exploited by attackers to achieve remote code execution on vulnerable servers. Zimbra Collaboration is a cloud-hosted collaboration software suite that also includes an email server component and a web client component.

Hackers Exploiting Unpatched RCE Flaw in Zimbra Collaboration Suite
2022-10-08 07:50

A severe remote code execution vulnerability in Zimbra's enterprise collaboration software and email platform is being actively exploited, with no patch currently available to remediate the issue. While a fix is yet to be released, Zimbra is urging users to install the "Pax" utility and restart the Zimbra services.

Hackers exploiting unpatched RCE bug in Zimbra Collaboration Suite
2022-10-07 14:42

Hackers are actively exploiting an unpatched remote code execution vulnerability in Zimbra Collaboration Suite, a widely deployed web client and email server. Zimbra released a security advisory on September 14 to warn system administrators to install Pax, a portable archiving utility, and restart their Zimbra servers to replace cpio, which is the vulnerable component.