![Palo Alto Networks](https://img.helpnetsecurity.com/wp-content/uploads/2024/04/17164805/palo_alto_networks-1-1500-400x200.webp)
Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation
UPDATE (April 30, 09:30 AM ET): New story: Palo Alto firewalls: CVE-2024-3400 exploitation and PoCs for persistence after resets/upgrades. While it initially seemed that …
![Delinea Secret Server](https://img.helpnetsecurity.com/wp-content/uploads/2024/04/15130003/delinea_secret_server-1200-400x200.webp)
A critical vulnerability in Delinea Secret Server allows auth bypass, admin access
Organizations with on-prem installations of Delinea Secret Server are urged to update them immediately, to plug a critical vulnerability that may allow attackers to bypass …
![Fortra FileCatalyst](https://img.helpnetsecurity.com/wp-content/uploads/2024/03/19125737/fortra-filecatalyst-1500-400x200.webp)
PoC exploit for critical Fortra FileCatalyst MFT vulnerability released (CVE-2024-25153)
Proof-of-concept (PoC) exploit code for a critical RCE vulnerability (CVE-2024-25153) in Fortra FileCatalyst MFT solution has been published. About CVE-2024-25153 Fortra …
![Fortinet](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/11200538/fortinet-wall-400x200.jpg)
Critical FortiClient EMS vulnerability fixed, (fake?) PoC for sale (CVE-2023-48788)
A recently fixed SQL injection vulnerability (CVE-2023-48788) in Fortinet’s FortiClient Endpoint Management Server (EMS) solution has apparently piqued the interest of …
![arcserve](https://img.helpnetsecurity.com/wp-content/uploads/2023/11/29152921/arcserve-1400-400x200.jpg)
PoC for critical Arcserve UDP vulnerabilities published (CVE-2024-0799, CVE-2024-0800)
Arcserve has fixed critical security vulnerabilities (CVE-2024-0799, CVE-2024-0800) in its Unified Data Protection (UDP) solution that can be chained to upload malicious files …
![](https://img.helpnetsecurity.com/wp-content/uploads/2022/10/31120952/connectwise-04-400x200.jpg)
Attackers exploiting ConnectWise ScreenConnect flaws, fixes available for all users (CVE-2024-1709, CVE-2024-1708)
The two ScreenConnect vulnerabilities ConnectWise has recently urged customers to patch have finally been assigned CVE numbers: CVE-2024-1709 for the authentication bypass, …
![Windows](https://img.helpnetsecurity.com/wp-content/uploads/2024/01/30142838/windows-storm-400x200.jpg)
A zero-day vulnerability (and PoC) to blind defenses relying on Windows event logs
A zero-day vulnerability that, when triggered, could crash the Windows Event Log service on all supported (and some legacy) versions of Windows could spell trouble for …
![Jenkins](https://img.helpnetsecurity.com/wp-content/uploads/2024/01/29102602/jenkins-1400-400x200.jpg)
Critical Jenkins RCE flaw exploited in the wild. Patch now! (CVE-2024-23897)
Several proof-of-concept (PoC) exploits for a recently patched critical vulnerability (CVE-2024-23897) in Jenkins have been made public and there’s evidence of …
![Fortra GoAnywhere](https://img.helpnetsecurity.com/wp-content/uploads/2024/01/24134218/fortra-anywhere-1400-400x200.jpg)
PoC for easily exploitable Fortra GoAnywhere MFT vulnerability released (CVE-2024-0204)
Proof-of-concept (PoC) exploit code for a critical vulnerability (CVE-2024-0204) in Fortra’s GoAnywhere MFT solution has been made public, sparking fears that attackers …
![Apache Struts](https://img.helpnetsecurity.com/wp-content/uploads/2017/03/09104837/apache-struts-400x200.jpg)
Attackers are trying to exploit Apache Struts vulnerability (CVE-2023-50164)
Attackers are trying to leverage public proof-of-concept (PoC) exploit code for CVE-2023-50164, the recently patched path traversal vulnerability in Apache Struts 2. …
![Windows injection](https://img.helpnetsecurity.com/wp-content/uploads/2023/12/12115557/windows-syringe-400x200.jpg)
“Pool Party” process injection techniques evade EDRs
SafeBreach researchers have discovered eight new process injection techniques that can be used to covertly execute malicious code on Windows systems. Dubbed “Pool …
![arcserve](https://img.helpnetsecurity.com/wp-content/uploads/2023/11/29152921/arcserve-1400-400x200.jpg)
PoCs for critical Arcserve UDP vulnerabilities released
Arcserve has fixed critical security vulnerabilities (CVE-2023-41998, CVE-2023-41999, CVE-2023-42000) in its Unified Data Protection (UDP) solution, PoCs for which have been …