Results for 'exploit'
Microsoft’s April 2024 Patch Tuesday includes two actively exploited zero-day vulnerabilities
April 11, 2024 - Microsoft has fixed 149 vulnerabilities, two of which are reportedly being exploited in the wild.
Microsoft Exchange vulnerability actively exploited
February 16, 2024 - One of Microsoft's Patch Tuesday fixes has flipped from "Likely to be Exploited" to “Exploitation Detected”.
Patch now! Roundcube mail servers are being actively exploited
February 13, 2024 - A vulnerability in Roundcube webmail is being actively exploited and CISA is urging users to install an updated version.
Patch now! Fortra GoAnywhere MFT vulnerability exploit available
January 25, 2024 - A new vulnerability in Fortra GoAnywhere MFT now has exploit code available that allows an attacker to create a new admin user.
CISA urges urgent patching of two actively exploited Citrix NetScaler vulnerabilities
January 19, 2024 - CISA has added two Citrix NetScaler vulnerabilities to its vulnerability catalog, with a very short deadline to patch.
Update Chrome! Google patches actively exploited zero-day vulnerability
January 18, 2024 - Google has issued a security update for the Chrome browser that includes a patch for one zero-day vulnerability.
Ivanti vulnerabilities now actively exploited in massive numbers
January 17, 2024 - Two vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure Gateways are subject to massive exploitation despite an available workaround.
Joomla! vulnerability is being actively exploited
January 12, 2024 - A vulnerability in the popular Joomla! CMS has been added to CISA's known exploited vulnerabilities catalog.
Act now! Ivanti vulnerabilities are being actively exploited
January 11, 2024 - Several international security agencies are echoing a warning by Ivanti about actively exploited vulnerabilities in its VPN solution.
How Outlook notification sounds can lead to zero-click exploits
December 21, 2023 - A researcher found two Microsoft vulnerabilities which could be combined to achieve zero-click remote code execution.