Newswires

September 12, 2024

Critical Security Flaw Found in GitLab Pipeline Execution: Immediate Updates Released
GitLab has rolled out critical updates to counteract multiple vulnerabilities, with the most severe one being CVE-2024-6678, which enables an attacker to initiate pipelines as arbitrary users under certain circumstances.
September 12, 2024

Cybercriminals Target Selenium Grid Servers for Proxyjacking and Cryptomining
Cybercriminals are infecting exposed Selenium Grid servers with the aim of exploiting the victims' Internet bandwidth for cryptomining, proxyjacking, and potentially other malicious activities.
September 11, 2024

Urgent Update Required: Adobe Patches Acrobat Reader Zero-Day Vulnerability
A cybersecurity expert is encouraging users to update Adobe Acrobat Reader following the release of a patch for a remote code execution zero-day vulnerability, for which a public proof-of-concept (PoC) exploit exists.
September 11, 2024

Taiwanese Drone Makers Targeted by ‘WordDrone’ Attack Exploiting Old MS Word Flaw
The Acronis Threat Research Unit has unveiled a recent wave of cyber-attacks on Taiwanese drone manufacturers, which they've termed 'WordDrone'.
September 10, 2024

Ivanti Addresses Critical RCE Vulnerability in Endpoint Management Software
Ivanti has successfully patched a critical vulnerability in its Endpoint Management software (EPM), which could have allowed unauthenticated attackers to remotely execute code on the core server.
September 10, 2024

Microsoft Rectifies Zero-Day Flaw in Windows Smart App Control Exploited Since 2018
Microsoft has resolved a security flaw in its Windows Smart App Control and SmartScreen that has been exploited as a zero-day since at least 2018.
September 10, 2024

Microsoft’s September 2024 Patch Tuesday Addresses 79 Security Flaws Including 4 Zero-days
Microsoft's September 2024 Patch Tuesday saw the company release security updates for 79 flaws, among them four zero-days that are currently being exploited and one that has been disclosed to the public.
September 10, 2024

NoName Ransomware Gang Expands Tactics, Now Deploying RansomHub Malware
The NoName ransomware gang, also known as CosmicBeetle, has been making a name for itself over the past three years by targeting small and medium-sized businesses worldwide.
September 10, 2024

CISA Adds SonicWall SonicOS, ImageMagick, and Linux Kernel Bugs to Its Known Exploited Vulnerabilities Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has included SonicWall SonicOS, ImageMagick, and Linux Kernel vulnerabilities in its Known Exploited Vulnerabilities (KEV) catalog.
September 9, 2024

Akira Ransomware Group Exploits SonicWall Vulnerability for Remote Code Execution
Threat actors, including Akira ransomware affiliates, have started exploiting a critical remote code execution (RCE) vulnerability that SonicWall disclosed and patched in its Gen 5, Gen 6, and some versions of its Gen 7 firewall products last month.

Previous 121314 Next

See VULNERA In Action

Meet with a team member to discuss your use cases and see a demo.

Schedule Now

By Solution

By Feature

I Want To…

Learn More

VULNERA vs Vulnerability Scanners

Security Assessment Buyers Guide

Resources

Resources

Blog

Threat Intelligence

I Want To…

Learn More

Top 10 Vulnerability Management Questions Answered

About

About

Partners

I Want To…

Learn More

Simplifying Vulnerability Management

Newswires

See VULNERA In Action

Quick Menu

Features

Subscribe