Newswires

December 19, 2023

8220 Gang Exploits Oracle WebLogic Server Flaw to Proliferate Malware
The cybercriminal collective known as the 8220 Gang has been detected exploiting a significant vulnerability (CVE-2020-14883) in Oracle's WebLogic Server to disseminate their malware.
December 18, 2023

Critical RCE Vulnerability Found in Perforce Helix Core Server by Microsoft
Microsoft has unearthed four vulnerabilities in the Perforce Helix Core Server, a source code management platform extensively utilized in the gaming, government, military, and technology industries.
December 18, 2023

Emerging Details on Zero-Click Outlook Remote Code Execution Exploits
New insights have been disclosed about two recently patched security vulnerabilities in Microsoft Windows that could be exploited by cybercriminals to perform remote code execution on the Outlook email service without any user action.
December 14, 2023

NKAbuse Malware Exploits NKN Blockchain for Stealthy Operations
NKAbuse, a new multi-platform malware, is the first to exploit the NKN (New Kind of Network) technology for data exchange, making it a covert threat.
December 13, 2023

Russian APT29 Hackers Exploiting TeamCity Servers Since September: CISA
The US Cybersecurity and Infrastructure Security Agency (CISA), along with its cybersecurity partners and intelligence services, has issued a warning that the APT29 hacking group, associated with Russia's Foreign Intelligence Service (SVR), has been focusing on unpatched TeamCity servers in a series of widespread attacks beginning in September 2023.
December 13, 2023

Critical Apache Struts Vulnerability Targeted by Hackers Using Public Proof-of-Concept
Hackers have begun to exploit a recently resolved critical vulnerability in Apache Struts, an open-source web application framework.
December 13, 2023

Sophos Backports Critical Vulnerability Fix for EOL Firewall Firmware
Sophos has retroactively implemented a fix for the critical code injection vulnerability, CVE-2022-3236, in its end-of-life (EOL) firewall firmware versions.
December 12, 2023

Microsoft’s December 2023 Patch Tuesday Addresses 34 Vulnerabilities, Including an AMD Zero-Day
Microsoft's December 2023 Patch Tuesday has seen the release of security updates addressing a total of 34 vulnerabilities, including one previously disclosed but unpatched flaw in AMD CPUs.
December 12, 2023

Critical RCE Vulnerability in WordPress Backup Migration Plug-in Puts Thousands of Websites at Risk
A major unauthenticated remote control execution (RCE) vulnerability has been discovered in a widely used WordPress plug-in, Backup Migration, exposing many WordPress websites to potential compromise.
December 12, 2023

Over 1,450 pfSense Servers Vulnerable to Remote Code Execution Attacks Due to Multiple Bugs
Approximately 1,450 instances of pfSense, a widely used open-source firewall and router software, are currently exposed to potential remote code execution (RCE) attacks.

Previous 565758 Next

See VULNERA In Action

Meet with a team member to discuss your use cases and see a demo.

Schedule Now

By Solution

By Feature

I Want To…

Learn More

VULNERA vs Vulnerability Scanners

Security Assessment Buyers Guide

Resources

Resources

Blog

Threat Intelligence

I Want To…

Learn More

Top 10 Vulnerability Management Questions Answered

About

About

Partners

I Want To…

Learn More

Simplifying Vulnerability Management

Newswires

See VULNERA In Action

Quick Menu

Features

Subscribe