961 Results for:CVE
- Sort by:
Ransomware gang targets critical Progress WS_FTP Server bug
13 Oct 2023The vulnerability used in the failed ransomware attack, CVE-2023-40044, is a .NET deserialization vulnerability in Progress Software's WS_FTP Server with a CVSS score of 10. Read More
Browser companies patch critical zero-day vulnerability
13 Sep 2023While attack details remain unknown, Chrome, Edge and Firefox users are being urged to update their browsers as an exploit for CVE-2023-4863 lurks in the wild. Read More
FBI: Suspected Chinese actors continue Barracuda ESG attacks
24 Aug 2023The alert comes after Barracuda Networks issued an advisory stating that patches for CVE-2023-2868 were insufficient and all affected ESG devices need to be replaced. Read More
Rackspace: Ransomware attack caused by zero-day exploit
04 Jan 2023The exploit that led to the Rackspace ransomware attack, referred to as OWASSRF, combines two Exchange Server flaws -- CVE-2022-41080 and a ProxyNotShell flaw, CVE-2022-41082. Read More
CISA details backdoor malware used in Barracuda ESG attacks
31 Jul 2023CISA said Friday that 'Submarine' is a novel persistent backdoor used in attacks against Barracuda Email Security Gateway appliances vulnerable to CVE-2023-2868. Read More
Citrix NetScaler ADC and Gateway flaw exploited in the wild
19 Jul 2023Critical remote code execution flaw CVE-2023-3519 was one of three vulnerabilities in Citrix's NetScaler ADC and Gateway. Customers are urged to patch their instances. Read More
Multiple Adobe ColdFusion flaws exploited in the wild
18 Jul 2023One of the Adobe ColdFusion flaws exploited in the wild, CVE-2023-38203, was a zero-day bug that security vendor Project Discovery inadvertently published. Read More
Chinese APT exploits critical CVE in Pulse Secure VPN
20 Apr 2021A newly disclosed vulnerability in Pulse Secure’s VPN is being exploited by a Chinese advanced persistent threat group – assume compromise and mitigate today Read More
Google unveils 'Downfall' attacks, vulnerability in Intel chips
08 Aug 2023Google researcher Daniel Moghimi first reported CVE-2022-40982 and the resulting data leak attacks to Intel in August 2022, but it's taken nearly 12 months to disclose the flaw. Read More
Barracuda: Replace vulnerable ESG devices 'immediately'
08 Jun 2023Customers with email security gateway appliances affected by a recent zero-day flaw, CVE-2023-2868, are being urged to replace devices, even if the hardware has been patched. Read More