![China](https://img.helpnetsecurity.com/wp-content/uploads/2024/07/09132937/china-400x200.webp)
Chinese APT40 group swiftly leverages public PoC exploits
Chinese state-sponsored cyber group APT40 is amazingly fast at adapting public proof-of-concept (PoC) exploits for vulnerabilities in widely used software, an advisory …
![Fortra FileCatalyst](https://img.helpnetsecurity.com/wp-content/uploads/2024/03/19125737/fortra-filecatalyst-1500-400x200.webp)
PoC exploit for critical Fortra FileCatalyst flaw published (CVE-2024-5276)
A critical SQL injection vulnerability in Fortra FileCatalyst Workflow (CVE-2024-5276) has been patched; a PoC exploit is already available online. While there’s …
![Progress MOVEit](https://img.helpnetsecurity.com/wp-content/uploads/2024/06/25191718/progress-moveit-1500-400x200.webp)
Progress quietly fixes MOVEit auth bypass flaws (CVE-2024-5805, CVE-2024-5806)
Progress Software has patched one critical (CVE-2024-5805) and one high-risk (CVE-2024-5806) vulnerability in MOVEit, its widely used managed file transfer (MFT) software …
![Zyxel](https://img.helpnetsecurity.com/wp-content/uploads/2024/06/05194535/zyxel-1500-400x200.webp)
Zyxel patches critical flaws in EOL NAS devices
Zyxel has released patches for three critical vulnerabilities (CVE-2024-29972, CVE-2024-29973, and CVE-2024-29974) affecting two network-attached storage (NAS) devices that …
![TotalRecall](https://img.helpnetsecurity.com/wp-content/uploads/2024/06/05111839/totalrecall-windows11-400x200.webp)
TotalRecall shows how easily data collected by Windows Recall can be stolen
Ethical hacker Alexander Hagenah has created TotalRecall, a tool that demonstrates how malicious individuals could abuse Windows’ newly announced Recall feature to steal …
![Progress](https://img.helpnetsecurity.com/wp-content/uploads/2024/06/04154556/progress-1500-400x200.webp)
PoC for Progress Telerik RCE chain released (CVE-2024-4358, CVE-2024-1800)
Security researchers have published a proof-of-concept (PoC) exploit that chains together two vulnerabilities (CVE-2024-4358, CVE-2024-1800) to achieve unauthenticated remote …
![Atlassian Confluence](https://img.helpnetsecurity.com/wp-content/uploads/2024/01/16183650/confluence-red-1400-400x200.jpg)
High-risk Atlassian Confluence RCE fixed, PoC available (CVE-2024-21683)
If you’re self-hosting an Atlassian Confluence Server or Data Center installation, you should upgrade to the latest available version to fix a high-severity RCE flaw …
![Fortinet](https://img.helpnetsecurity.com/wp-content/uploads/2024/05/29114619/fortinet-1500-400x200.webp)
PoC exploits for critical FortiSIEM command execution flaws released (CVE-2024-23108, CVE-2023-34992)
Horizon3.ai researchers have released proof-of-concept (PoC) exploits for CVE-2024-23108 and CVE-2023-34992, vulnerabilities that allow remote, unauthenticated command …
![QNAP](https://img.helpnetsecurity.com/wp-content/uploads/2024/05/21161555/qnap-1500-400x200.webp)
15 QNAP NAS bugs and one PoC disclosed, update ASAP! (CVE-2024-27130)
Researchers have found 15 vulnerabilities in QNAP’s network attached storage (NAS) devices, and have released a proof-of-concept for one: an unauthenticated stack …
![Ivanti](https://img.helpnetsecurity.com/wp-content/uploads/2024/01/19151341/ivanti-blocks2-1400-400x200.jpg)
PoC exploit for Ivanti EPMM privilege escalation flaw released (CVE-2024-22026)
Technical details about and a proof-of-concept (PoC) exploit for CVE-2024-22026, a privilege escalation bug affecting Ivanti EPMM, have been released by the …
![Palo Alto Networks](https://img.helpnetsecurity.com/wp-content/uploads/2024/04/17164810/palo_alto_networks-2-1500-400x200.webp)
Palo Alto firewalls: CVE-2024-3400 exploitation and PoCs for persistence after resets/upgrades
There are proof-of-concept techniques allowing attackers to achieve persistence on Palo Alto Networks firewalls after CVE-2024-3400 has been exploited, the company has …
![Progress](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/12085536/progress-led2-400x200.jpg)
PoC for critical Progress Flowmon vulnerability released (CVE-2024-2389)
More details of and a proof-of-concept exploit for an unauthenticated OS command injection vulnerability (CVE-2024-2389) in Flowmon, Progress Software’s network …