Newswires

May 26, 2023

Mirai Botnet Exploits Zyxel Firewall Vulnerability
A Mirai botnet variant has been taking advantage of a recently patched vulnerability, identified as CVE-2023-28771, to compromise numerous Zyxel firewalls.
May 25, 2023

China-Backed Cyber Campaign ‘Volt Typhoon’ Targets Critical Infrastructure
The 'Volt Typhoon' cyber campaign, which is suspected to be backed by China, has been targeting critical infrastructure organizations in Guam, bringing to light the possibility of America's geopolitical adversaries launching disruptive cyberattacks against key communications and operational technologies.
May 25, 2023

D-Link Addresses Critical Authentication Bypass and RCE Vulnerabilities in D-View 8 Software
D-Link has recently patched two critical-severity vulnerabilities in its D-View 8 network management suite, which could have allowed remote attackers to bypass authentication and execute arbitrary code.
May 25, 2023

Critical Vulnerability Patched in GitLab CE/EE Version 16.0.1
GitLab, an open-source end-to-end software development platform, has released a security update to fix a critical-severity vulnerability affecting both GitLab Community Edition (CE) and Enterprise Edition (EE).
May 25, 2023

Buhti Ransomware Gang Targets Windows and Linux Systems with Leaked Encryptors
A new ransomware operation called 'Buhti' has surfaced, targeting Windows and Linux systems using the leaked code from the LockBit and Babuk ransomware families.
May 24, 2023

Barracuda ESG Appliances Breached Through Zero-Day Vulnerability
Barracuda Networks, a provider of network security solutions, recently alerted customers to a breach in some of its Email Security Gateway (ESG) appliances.
May 24, 2023

OAuth Vulnerability in Expo Platform Impacts Numerous Third-Party Sites and Apps
A security flaw in the implementation of the Open Authorization (OAuth) standard, which is widely used by websites and applications to connect to platforms like Facebook, Google, Apple, and Twitter, could enable attackers to hijack user accounts, access or leak sensitive data, and even commit financial fraud.
May 22, 2023

PyPI Back Online After Weekend Shutdown; Incident Deemed Overblown
The Python Package Index (PyPI) repository, which serves over 700,000 users and 450,000 projects, was temporarily shut down over the weekend, leading to speculation about an unusual surge of malicious packages or a cyberattack.
May 22, 2023

CISA Directs Government Agencies to Address iPhone Vulnerabilities Exploited in Attacks
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has instructed federal agencies to address three recently patched zero-day vulnerabilities affecting iPhones, Macs, and iPads, which are known to have been exploited in attacks.
May 20, 2023

US CISA Issues Warning on Actively Exploited Samsung Vulnerability
The US Cybersecurity and Infrastructure Security Agency (CISA) has added the CVE-2023-21492 vulnerability to its Known Exploited Vulnerabilities Catalog, warning of active exploitation of the flaw in Samsung devices.

Previous 104105106 Next

See VULNERA In Action

Meet with a team member to discuss your use cases and see a demo.

Schedule Now

By Solution

By Feature

I Want To…

Learn More

VULNERA vs Vulnerability Scanners

Security Assessment Buyers Guide

Resources

Resources

Blog

Threat Intelligence

I Want To…

Learn More

Top 10 Vulnerability Management Questions Answered

About

About

Partners

I Want To…

Learn More

Simplifying Vulnerability Management

Newswires

See VULNERA In Action

Quick Menu

Features

Subscribe