961 Results for:CVE

  • Sort by: 

Zero-day that forced Barracuda users to bin kit was exploited by China

By Alex Scroxton 29 Aug 2023

Mandiant has published details of how a Chinese threat actor targeted high-profile users of Barracuda Networks' Email Security Gateway appliances, including government agencies of interest to Beijing's intelligence... Read More

CISA reveals how LockBit hacked Boeing via Citrix Bleed

By Alex Scroxton 22 Nov 2023

As alarm grows around the world about the impact of the so-called Citrix Bleed vulnerability, Boeing has shared details of its experience at the hands of the LockBit ransomware crew Read More

Russian APT exploiting JetBrains TeamCity vulnerability

By Arielle Waldman 14 Dec 2023

The Russian hackers behind the SolarWinds attacks are the latest nation-state group to exploit a critical TeamCity vulnerability to gain initial access to victims' servers. Read More

Race to patch as Microsoft confirms Zerologon attacks in the wild

By Alex Scroxton 24 Sep 2020

Don’t be the organisation that made the headlines because it failed to patch. Microsoft says it is seeing cyber attacks ramping up around the Zerologon CVE-2020-1472 bug Read More

CISA, vendors warn Citrix ShareFile flaw under attack

By Arielle Waldman 17 Aug 2023

A vulnerability in the managed file transfer product that enterprises use is being actively exploited two months after Citrix released a fix. Read More

Cisco patches dangerous Webex vulnerability

By Alex Scroxton 18 Jun 2020

CVE-2020-3347 bug enables cyber criminals to steal meeting records from within Cisco’s Webex service Read More

Critical VMware Aria Operations bug under active exploitation

By Alexander Culafi 21 Jun 2023

Reports of exploitation for a critical command injection flaw in VMware Aria Operations for Networks came roughly a week after a researcher published a proof-of-concept for it. Read More

Microsoft users on high alert over dangerous RCE zero-day

By Alex Scroxton 12 Jul 2023

A serious RCE vulnerability in Microsoft Office and Windows is among several zero-days disclosed in Redmond’s July Patch Tuesday update, but this one does not have a patch yet Read More

Datacentre management vulnerabilities leave public clouds at risk

By Alex Scroxton 12 Aug 2023

At the annual DEF CON hacking convention, researchers from Trellix have disclosed multiple vulnerabilities in key datacentre products underpinning the world’s public cloud infrastructure Read More

Threat actors exploiting unpatched Juniper Networks devices

By Alex Scroxton 01 Sep 2023

A series of vulnerabilities in Juniper Networks firewalls and switches appear to be being exploited in the wild to enable remote code execution, with thousands of devices thought to be exposed Read More