Please turn on your JavaScript for this page to function normally.
Progress MOVEit
PoC exploit for exploited MOVEit vulnerability released (CVE-2023-34362)

As more victim organizations of Cl0p gang’s MOVEit rampage continue popping up, security researchers have released a PoC exploit for CVE-2023-34362, the RCE …

Zyxel
Zyxel firewalls under attack by Mirai-like botnet

CVE-2023-28771, the critical command injection vulnerability affecting many Zyxel firewalls, is being actively exploited by a Mirai-like botnet, and has been added to …

Zyxel
Vulnerability in Zyxel firewalls may soon be widely exploited (CVE-2023-28771)

A recently fixed command injection vulnerability (CVE-2023-28771) affecting a variety Zyxel firewalls may soon be exploited in the wild, Rapid7 researchers have warned, after …

Cisco
Cisco fixes critical flaws in Small Business Series Switches

Nine vulnerabilities – 4 of them critical – have been found in a variety of Cisco Small Business Series Switches. PoC exploit code is available (but not public), …

KeePass
KeePass flaw allows retrieval of master password, PoC is public (CVE-2023-32784)

A vulnerability (CVE-2023-32784) in the open-source password manager KeePass can be exploited to retrieve the master password from the software’s memory, says the …

Advantech EKI-1524-CE
Advantech’s industrial serial device servers open to attack

Three vulnerabilities in Advantech’s EKI series of serial device servers could be exploited to execute arbitrary commands on the OS level. Source: CyberDanube The …

Papercut
PoC exploit for abused PaperCut flaw is now public (CVE-2023-27350)

An unauthenticated RCE flaw (CVE-2023-27350) in widely-used PaperCut MF and NG print management software is being exploited by attackers to take over vulnerable application …

snake, threat
Prevent and detect Adobe ColdFusion exploitation (CVE-2023-26360, CVE-2023-26359)

When Adobe released security updates for its ColdFusion application development platform last month, it noted that one of the vulnerabilities (CVE-2023-26360) had been …

Microsoft Word
PoC exploit for recently patched Microsoft Word RCE is public (CVE-2023-21716)

A PoC exploit for CVE-2023-21716, a critical RCE vulnerability in Microsoft Word that can be exploited when the user previews a specially crafted RTF document, is now publicly …

Fortinet
PoC exploit, IoCs for Fortinet FortiNAC RCE released (CVE-2022-39952)

Horizon3.ai’s Attack Team has released a PoC exploit for CVE-2022-39952, a critical vulnerability affecting FortiNAC, Fortinet’s network access control solution. …

Fortinet
Fortinet plugs critical security hole in FortiNAC, with a PoC incoming (CVE-2022-39952)

Fortinet has dropped fixes for 40 vulnerabilities in a variety of its products, including two critical vulnerabilities (CVE-2022-39952, CVE-2021-42756) affecting its FortiNAC …

Cisco
Admins, patch your Cisco enterprise security solutions! (CVE-2023-20032)

Cisco has released security updates for several of its enterprise security and networking products, fixing (among other things): A critical vulnerability (CVE-2023-20032) in …

Don't miss

Cybersecurity news