Please turn on your JavaScript for this page to function normally.
PaperCut
PaperCut fixes bug that can lead to RCE, patch quickly! (CVE-2023-39143)

Horizon3.ai researchers have published some details (but no PoC for now, thankfully!) about CVE-2023-39143, two vulnerabilities in PaperCut application servers that could be …

Progress MOVEit
PoC exploit for exploited MOVEit vulnerability released (CVE-2023-34362)

As more victim organizations of Cl0p gang’s MOVEit rampage continue popping up, security researchers have released a PoC exploit for CVE-2023-34362, the RCE …

Apache Superset
Common insecure configuration opens Apache Superset servers to compromise

An insecure default configuration issue (CVE-2023-27524) makes most internet-facing Apache Superset servers vulnerable to attackers, Horizon3.ai researchers have discovered. …

Papercut
PoC exploit for abused PaperCut flaw is now public (CVE-2023-27350)

An unauthenticated RCE flaw (CVE-2023-27350) in widely-used PaperCut MF and NG print management software is being exploited by attackers to take over vulnerable application …

Fortinet
PoC exploit, IoCs for Fortinet FortiNAC RCE released (CVE-2022-39952)

Horizon3.ai’s Attack Team has released a PoC exploit for CVE-2022-39952, a critical vulnerability affecting FortiNAC, Fortinet’s network access control solution. …

Fortinet
Fortinet plugs critical security hole in FortiNAC, with a PoC incoming (CVE-2022-39952)

Fortinet has dropped fixes for 40 vulnerabilities in a variety of its products, including two critical vulnerabilities (CVE-2022-39952, CVE-2021-42756) affecting its FortiNAC …

ManageEngine
PoC for critical ManageEngine bug to be released, so get patching! (CVE-2022-47966)

If your enterprise is running ManageEngine products that were affected by CVE-2022-47966, check now whether they’ve been updated to a non-vulnerable version because …

Fortinet
Researchers release PoC for Fortinet firewall flaw, exploitation attempts mount

Horizon3.ai researchers have released a PoC exploit for CVE-2022-40684, the authentication bypass vulnerability affecting Fortinet‘s firewalls and secure web gateways, …

Fortinet
Auth bypass bug in FortiOS, FortiProxy is exploited in the wild (CVE-2022-40684)

After privately warning customers last week that they need to patch or mitigate CVE-2022-40684, a critical vulnerability affecting FortiOS, FortiProxy, and FortiSwitchManager, …

security platform
Horizon3.ai extends its NodeZero platform to include both internal and external penetration testing

Horizon3.ai announced it has extended the capabilities of its NodeZero platform to include external penetration testing. With this enhancement, Horizon3.ai is the first …

Handshake
Intelligent Waves and Horizon3.ai join forces to provide security for DoD mission support

Intelligent Waves announced a strategic collaboration with Horizon3.ai to support next-generation cybersecurity protection in DevOps for the DoD special operations community. …

alert
Attackers are attempting to exploit critical F5 BIG-IP RCE

Researchers have developed PoC exploits for CVE-2022-1388, a critical remote code execution bug affecting F5 BIG-IP multi-purpose networking devices/modules. Simultaneously, …

Don't miss

Cybersecurity news