Horizon3.ai
HHS pledges $50M for autonomous vulnerability management solution for hospitals
As organizations in the healthcare sector continue to be a prime target for ransomware gangs and CISA warns about a vulnerability (CVE-2023-43208) in a healthcare-specific …
Critical FortiClient EMS vulnerability fixed, (fake?) PoC for sale (CVE-2023-48788)
A recently fixed SQL injection vulnerability (CVE-2023-48788) in Fortinet’s FortiClient Endpoint Management Server (EMS) solution has apparently piqued the interest of …
White House: Use memory-safe programming languages to protect the nation
The White House is asking the technical community to switch to using memory-safe programming languages – such as Rust, Python, Swift, C#, Java, and Go – to prevent …
PoC for easily exploitable Fortra GoAnywhere MFT vulnerability released (CVE-2024-0204)
Proof-of-concept (PoC) exploit code for a critical vulnerability (CVE-2024-0204) in Fortra’s GoAnywhere MFT solution has been made public, sparking fears that attackers …
Ivanti Sentry zero-day vulnerability exploited, patch ASAP! (CVE-2023-38035)
Ivanti is urging administrators of Ivanti Sentry (formerly MobileIron Sentry) gateways to patch a newly discovered vulnerability (CVE-2023-38035) that could be exploited to …
PaperCut fixes bug that can lead to RCE, patch quickly! (CVE-2023-39143)
Horizon3.ai researchers have published some details (but no PoC for now, thankfully!) about CVE-2023-39143, two vulnerabilities in PaperCut application servers that could be …
PoC exploit for exploited MOVEit vulnerability released (CVE-2023-34362)
As more victim organizations of Cl0p gang’s MOVEit rampage continue popping up, security researchers have released a PoC exploit for CVE-2023-34362, the RCE …
Common insecure configuration opens Apache Superset servers to compromise
An insecure default configuration issue (CVE-2023-27524) makes most internet-facing Apache Superset servers vulnerable to attackers, Horizon3.ai researchers have discovered. …
PoC exploit for abused PaperCut flaw is now public (CVE-2023-27350)
An unauthenticated RCE flaw (CVE-2023-27350) in widely-used PaperCut MF and NG print management software is being exploited by attackers to take over vulnerable application …
PoC exploit, IoCs for Fortinet FortiNAC RCE released (CVE-2022-39952)
Horizon3.ai’s Attack Team has released a PoC exploit for CVE-2022-39952, a critical vulnerability affecting FortiNAC, Fortinet’s network access control solution. …
Fortinet plugs critical security hole in FortiNAC, with a PoC incoming (CVE-2022-39952)
Fortinet has dropped fixes for 40 vulnerabilities in a variety of its products, including two critical vulnerabilities (CVE-2022-39952, CVE-2021-42756) affecting its FortiNAC …
PoC for critical ManageEngine bug to be released, so get patching! (CVE-2022-47966)
If your enterprise is running ManageEngine products that were affected by CVE-2022-47966, check now whether they’ve been updated to a non-vulnerable version because …
Featured news
Resources
Don't miss
- Critical Firefox, Tor Browser sandbox escape flaw fixed (CVE-2025-2857)
- Android financial threats: What businesses need to know to protect themselves and their customers
- Post-quantum cryptography and the future of online safety
- How to manage and protect your biometric data
- UK NCSC offers security guidance for domain and DNS registrars