vulnerability
![Citrix](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/12095314/citrix-cables3-400x200.jpg)
Citrix NetScaler zero-day exploited in the wild, patch is available (CVE-2023-3519)
Citrix has patched three vulnerabilities (CVE-2023-3519, CVE-2023-3466, CVE-2023-3467) in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway), …
![Adobe ColdFusion](https://img.helpnetsecurity.com/wp-content/uploads/2023/07/18160315/adobe-coldfusion-400x200.jpg)
Adobe ColdFusion vulnerabilities exploited to deliver web shells (CVE-2023-29298, CVE-2023-38203)
Attackers are exploiting two Adobe ColdFusion vulnerabilities (CVE-2023-29298, CVE-2023-38203) to breach servers and install web shells to enable persistent access and allow …
![Zimbra](https://img.helpnetsecurity.com/wp-content/uploads/2022/10/10133204/zimbra-1000-400x200.jpg)
Critical XSS vulnerability in Zimbra exploited in the wild (CVE-2023-34192)
A critical cross site scripting (XSS) vulnerability (CVE-2023-34192) in popular open source email collaboration suite Zimbra is being exploited by attackers. About the …
![cyber threat](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/25143238/cyber-threat1-400x200.jpg)
Generative AI outperforms hackers but not their creativity
72% of hackers are confident that AI cannot replace human creativity in security research and vulnerability management, according to Bugcrowd. Generative AI hacking Generative …
![satellite](https://img.helpnetsecurity.com/wp-content/uploads/2023/07/12150612/satellite2-400x200.jpg)
Satellites lack standard security mechanisms found in mobile phones and laptops
Researchers from Ruhr University Bochum and the CISPA Helmholtz Center for Information Security in Saarbrücken have assessed the security mechanisms of satellites currently …
![industry](https://img.helpnetsecurity.com/wp-content/uploads/2018/10/09095907/industry-mirror-400x200.jpg)
Unnamed APT eyes vulnerabilities in Rockwell Automation industrial contollers (CVE-2023-3595 CVE-2023-3596)
Rockwell Automation has fixed two vulnerabilities (CVE-2023-3595, CVE-2023-3596) in the communication modules of its ControlLogix industrial programmable logic controllers …
![laptop](https://img.helpnetsecurity.com/wp-content/uploads/2023/05/10160937/laptop-lava-400x200.png)
Same code, different ransomware? Leaks kick-start myriad of new variants
Threat landscape trends demonstrate the impressive flexibility of cybercriminals as they continually seek out fresh methods of attack, including exploiting vulnerabilities, …
![Microsoft](https://img.helpnetsecurity.com/wp-content/uploads/2021/02/19130114/microsoft-hand-400x200.jpg)
Chinese hackers forged authentication tokens to breach government emails
Sophisticated hackers have accessed email accounts of organizations and government agencies via authentication tokens they forged by using an acquired Microsoft account (MSA) …
![patch tuesday](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/12093110/patch-tuesday-hands1-400x200.jpg)
Microsoft patches four exploited zero-days, but lags with fixes for a fifth (CVE-2023-36884)
For July 2023 Patch Tuesday, Microsoft has delivered 130 patches; among them are four for vulnerabilites actively exploited by attackers, but no patch for CVE-2023-36884, an …
![vulnerabilities](https://img.helpnetsecurity.com/wp-content/uploads/2023/07/11095101/vunerabilities-400x200.jpg)
Owncast, EaseProbe security vulnerabilities revealed
Oxeye has uncovered two critical security vulnerabilities and recommends immediate action to mitigate risk. The vulnerabilities were discovered in Owncast (CVE-2023-3188) and …
![Microsoft Teams](https://img.helpnetsecurity.com/wp-content/uploads/2023/07/10152152/ms-teams3-400x200.jpg)
Malware delivery to Microsoft Teams users made easy
A tool that automates the delivery of malware from external attackers to target employees’ Microsoft Teams inbox has been released. TeamsPhisher (Source: Alex Reid) About the …
![backup](https://img.helpnetsecurity.com/wp-content/uploads/2020/05/25124009/backup-storage-400x200.jpg)
PoC for Arcserve UDP authentication bypass flaw published (CVE-2023-26258)
An authentication bypass vulnerability (CVE-2023-26258) in the Arcserve Unified Data Protection (UDP) enterprise data protection solution can be exploited to compromise admin …
Featured news
Sponsored
Don't miss
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?
- Managing exam pressure: Tips for certification preparation
- Firmware update hides Bluetooth fingerprints
- Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929)