Please turn on your JavaScript for this page to function normally.
JetBrains TeamCity
Attackers are exploiting JetBrains TeamCity flaw to deliver a variety of malware

Attackers are exploiting the recently patched JetBrains TeamCity auth bypass vulnerability (CVE-2024-27198) to deliver ransomware, cryptominers and remote access trojans …

Ivanti
Ivanti fixes RCE vulnerability reported by NATO cybersecurity researchers (CVE-2023-41724)

Ivanti has fixed a critical RCE vulnerability (CVE-2023-41724) in Ivanti Standalone Sentry that has been reported by researchers with the NATO Cyber Security Centre. Though …

NIST NVD
NIST’s NVD has encountered a problem

Whether the cause is insurmountable technical debt, lack of funds, a third reason or all of them, NIST’s National Vulnerability Database (NVD) is struggling, and …

Fortra FileCatalyst
PoC exploit for critical Fortra FileCatalyst MFT vulnerability released (CVE-2024-25153)

Proof-of-concept (PoC) exploit code for a critical RCE vulnerability (CVE-2024-25153) in Fortra FileCatalyst MFT solution has been published. About CVE-2024-25153 Fortra …

Fortinet
Critical FortiClient EMS vulnerability fixed, (fake?) PoC for sale (CVE-2023-48788)

A recently fixed SQL injection vulnerability (CVE-2023-48788) in Fortinet’s FortiClient Endpoint Management Server (EMS) solution has apparently piqued the interest of …

BSAM
BSAM: Open-source methodology for Bluetooth security assessment

Many wireless headsets using Bluetooth technology have vulnerabilities that may allow malicious individuals to covertly listen in on private conversations, Tarlogic Security …

malware
Hackers leverage 1-day vulnerabilities to deliver custom Linux malware

A financially motivated threat actor is using known vulnerabilities to target public-facing services and deliver custom malware to unpatched Windows and Linux systems. Among …

Cisco
Cisco patches Secure Client VPN flaw that could reveal authentication tokens (CVE-2024-20337)

Cisco has fixed two high-severity vulnerabilities affecting its Cisco Secure Client enterprise VPN and endpoint security solution, one of which (CVE-2024-20337) could be …

VMware
VMware patches critical flaws in ESXi, Workstation, Fusion and Cloud Foundation

VMware has fixed four vulnerabilities (CVE-2024-22252, CVE-2024-22253, CVE-2024-22254, CVE-2024-22255) in ESXi, Workstation, Fusion and Cloud Foundation, some of which could …

TeamCity JetBrains
Critical vulnerabilities in TeamCity JetBrains fixed, release of technical details imminent, patch quickly! (CVE-2024-27198, CVE-2024-27199)

JetBrains has fixed two critical security vulnerabilities (CVE-2024-27198, CVE-2024-27199) affecting TeamCity On-Premises and is urging customers to patch them immediately. …

ConnectWise
ScreenConnect flaws exploited to deliver all kinds of malware (CVE-2024-1709, CVE-2024-1708)

The recently patched vulnerabilities (CVE-2024-1709, CVE-2024-1708) in ConnectWise ScreenConnect software are being exploited by numerous attackers to deliver a variety of …

Attackers exploiting ConnectWise ScreenConnect flaws, fixes available for all users (CVE-2024-1709, CVE-2024-1708)

The two ScreenConnect vulnerabilities ConnectWise has recently urged customers to patch have finally been assigned CVE numbers: CVE-2024-1709 for the authentication bypass, …

Don't miss

Cybersecurity news