Shadowserver
![Zyxel](https://img.helpnetsecurity.com/wp-content/uploads/2024/06/05194535/zyxel-1500-400x200.webp)
Zyxel patches critical flaws in EOL NAS devices
Zyxel has released patches for three critical vulnerabilities (CVE-2024-29972, CVE-2024-29973, and CVE-2024-29974) affecting two network-attached storage (NAS) devices that …
![D-Link](https://img.helpnetsecurity.com/wp-content/uploads/2024/04/08083735/dlink-1500-400x200.webp)
92,000+ internet-facing D-Link NAS devices accessible via “backdoor” account (CVE-2024-3273)
A vulnerability (CVE-2024-3273) in four old D-Link NAS models could be exploited to compromise internet-facing devices, a threat researcher has found. The existence of the …
![Microsoft Exchange](https://img.helpnetsecurity.com/wp-content/uploads/2023/03/28181244/exchange-fire-connect-400x200.jpg)
17,000+ Microsoft Exchange servers in Germany are vulnerable to attack, BSI warns
Around 12% of the 45,000 or so Microsoft Exchange servers in Germany that can be accessed from the Internet without restrictions “are so outdated that security updates …
![TeamCity JetBrains](https://img.helpnetsecurity.com/wp-content/uploads/2024/03/04165845/teamcity-jetbrains-1400-400x200.webp)
Critical vulnerabilities in TeamCity JetBrains fixed, release of technical details imminent, patch quickly! (CVE-2024-27198, CVE-2024-27199)
JetBrains has fixed two critical security vulnerabilities (CVE-2024-27198, CVE-2024-27199) affecting TeamCity On-Premises and is urging customers to patch them immediately. …
![](https://img.helpnetsecurity.com/wp-content/uploads/2022/10/31120952/connectwise-04-400x200.jpg)
Attackers exploiting ConnectWise ScreenConnect flaws, fixes available for all users (CVE-2024-1709, CVE-2024-1708)
The two ScreenConnect vulnerabilities ConnectWise has recently urged customers to patch have finally been assigned CVE numbers: CVE-2024-1709 for the authentication bypass, …
![Ivanti](https://img.helpnetsecurity.com/wp-content/uploads/2023/07/31150730/ivanti2-400x200.jpg)
Ivanti Connect Secure flaw massively exploited by attackers (CVE-2024-21893)
CVE-2024-21893, a server-side request forgery (SSRF) vulnerability affecting Ivanti Connect Secure VPN gateways and Policy Secure (a network access control solution), is being …
![Jenkins](https://img.helpnetsecurity.com/wp-content/uploads/2024/01/29102602/jenkins-1400-400x200.jpg)
Critical Jenkins RCE flaw exploited in the wild. Patch now! (CVE-2024-23897)
Several proof-of-concept (PoC) exploits for a recently patched critical vulnerability (CVE-2024-23897) in Jenkins have been made public and there’s evidence of …
![cyber threat](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/25143238/cyber-threat1-400x200.jpg)
Russian hackers target unpatched JetBrains TeamCity servers
Russian state-sponsored hackers have been exploiting CVE-2023-42793 to target unpatched, internet-facing JetBrains TeamCity servers since September 2023, US, UK and Polish …
![Apache Struts](https://img.helpnetsecurity.com/wp-content/uploads/2017/03/09104837/apache-struts-400x200.jpg)
Attackers are trying to exploit Apache Struts vulnerability (CVE-2023-50164)
Attackers are trying to leverage public proof-of-exploit (PoC) exploit code for CVE-2023-50164, the recently patched path traversal vulnerability in Apache Struts 2. …
![atlassian confluence](https://img.helpnetsecurity.com/wp-content/uploads/2022/06/03160357/atlassian_confluence-400x200.jpg)
Atlassian Confluence data-wiping vulnerability exploited
Threat actors are trying to exploit CVE-2023-22518, a critical Atlassian Confluence flaw that allows unauthenticated attackers to reset vulnerable instances’ database, …
![Qakbot](https://img.helpnetsecurity.com/wp-content/uploads/2023/08/30133913/qakbot-hns-400x200.jpg)
The removal of Qakbot from infected computers is just the first step
The Qakbot botnet has been disrupted by an international law enforcement operation that culminated last weekend, when infected computers started getting untethered from it by …
![Zyxel](https://img.helpnetsecurity.com/wp-content/uploads/2022/05/14150650/zyxel-fire-hns-400x200.jpg)
Zyxel firewalls under attack by Mirai-like botnet
CVE-2023-28771, the critical command injection vulnerability affecting many Zyxel firewalls, is being actively exploited by a Mirai-like botnet, and has been added to …
Featured news
Sponsored
Don't miss
- ChatGPTriage: How can CISOs see and control employees’ AI use?
- Managing exam pressure: Tips for certification preparation
- Firmware update hides Bluetooth fingerprints
- Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929)
- Risk related to non-human identities: Believe the hype, reject the FUD