June 13, 2023

VMware has patched a zero-day vulnerability (CVE-2023-20867) in its ESXi product after it was exploited by Chinese-sponsored hacking group UNC3886 to backdoor Windows and Linux virtual machines and steal data.

June 13, 2023

The Cybersecurity and Infrastructure Security Agency (CISA) has issued Binding Operational Directive (BOD) 23-02, titled 'Mitigating the Risk from Internet-Exposed Management Interfaces.'

June 13, 2023

Ofcom, the UK's communications regulator, has disclosed a data breach after being targeted by a Clop ransomware attack.

June 12, 2023

Fortinet has reported that a critical FortiOS SSL VPN vulnerability, which was patched last week, might have been exploited in attacks targeting government, manufacturing, and critical infrastructure organizations.

June 12, 2023

Horizon3 security researchers have recently made public a proof-of-concept (PoC) exploit code for a remote code execution (RCE) vulnerability in the MOVEit Transfer managed file transfer (MFT) solution.

June 11, 2023

Fortinet has released firmware updates for its Fortigate devices, addressing a critical pre-authentication remote code execution (RCE) vulnerability in SSL VPN devices.

June 9, 2023

Progress Software has alerted customers to critical SQL injection vulnerabilities identified in its MOVEit Transfer managed file transfer (MFT) solution.

June 8, 2023

Kroll security experts have discovered that the Clop ransomware gang has been seeking ways to exploit a now-patched zero-day in the MOVEit Transfer managed file transfer (MFT) solution since 2021.

June 8, 2023

A proof-of-concept (PoC) exploit has been made public for a Windows local privilege escalation vulnerability that has been actively exploited.

June 8, 2023

Cisco has announced the release of patches for a critical-severity vulnerability found in its Expressway series and TelePresence Video Communication Server (VCS) enterprise collaboration and video communication solutions.