DATE |
NAME |
CATEGORY |
WEB |
29.12.23 |
Apache OFBiz RCE flaw exploited to find vulnerable Confluence servers |
Exploit |
BleepingComputer |
27.12.23 |
Chinese Hackers Exploited New Zero-Day in Barracuda's ESG Appliances |
Exploit |
The Hacker News |
24.12.23 |
Google fixes 8th Chrome zero-day exploited in attacks this year |
Exploit |
BleepingComputer |
23.12.23 |
Hackers Exploiting MS Excel Vulnerability to Spread Agent Tesla Malware |
Exploit |
The Hacker News |
19.12.23 |
Beware: Experts Reveal New Details on Zero-Click Outlook RCE Exploits |
Exploit |
The Hacker News |
17.12.23 |
QNAP VioStor NVR vulnerability actively exploited by malware botnet |
Exploit |
BleepingComputer |
14.12.23 |
Hackers are exploiting critical Apache Struts flaw using public PoC |
Exploit |
BleepingComputer |
13.12.23 |
Microsoft Warns of Hackers Exploiting OAuth for Cryptocurrency Mining and Phishing |
Exploit |
The Hacker News |
9.12.23 |
Privilege elevation exploits used in over 50% of insider attacks |
Exploit |
BleepingComputer |
8.12.23 |
Hackers breach US govt agencies using Adobe ColdFusion exploit |
Exploit |
BleepingComputer |
8.12.23 |
Russian hackers exploiting Outlook bug to hijack Exchange accounts |
Exploit |
BleepingComputer |
8.12.23 |
Hacking the Human Mind: Exploiting Vulnerabilities in the 'First Line of Cyber Defense' |
Exploit |
The Hacker News |
2.12.23 |
Hackers start exploiting critical ownCloud flaw, patch now |
Exploit |
BleepingComputer |
29.11.23 |
Iranian Hackers Exploit PLCs in Attack on Water Authority in U.S. |
Exploit |
The Hacker News |
28.11.23 |
Hackers Can Exploit 'Forced Authentication' to Steal Windows NTLM Tokens |
Exploit |
The Hacker News |
21.11.23 |
Kinsing malware exploits Apache ActiveMQ RCE to plant rootkits |
Exploit |
BleepingComputer |
21.11.23 |
Russian hackers use Ngrok feature and WinRAR exploit to attack embassies |
Exploit |
BleepingComputer |
20.11.23 |
Randstorm Exploit: Bitcoin Wallets Created b/w 2011-2015 Vulnerable to Hacking |
Exploit |
The Hacker News |
19.11.23 |
Exploit for CrushFTP RCE chain released, patch now |
Exploit |
BleepingComputer |
19.11.23 |
Google: Hackers exploited Zimbra zero-day in attacks on govt orgs |
Exploit |
BleepingComputer |
19.11.23 |
CISA warns of actively exploited Windows, Sophos, and Oracle bugs |
Exploit |
BleepingComputer |
14.11.23 |
CISA warns of actively exploited Juniper pre-auth RCE exploit chain |
Exploit |
BleepingComputer |
|
10.11.23 |
Hackers exploit Looney Tunables Linux bug, steal cloud creds |
Exploit |
BleepingComputer |
|
10.11.23 |
Zero-Day Alert: Lace Tempest Exploits SysAid IT Support Software Vulnerability |
Exploit |
The Hacker News |
|
9.11.23 |
CISA Alerts: High-Severity SLP Vulnerability Now Under Active Exploitation |
Exploit |
The Hacker News |
|
4.11.23 |
New Microsoft Exchange zero-days allow RCE, data theft attacks |
Exploit |
BleepingComputer |
|
3.11.23 |
Atlassian warns of exploit for Confluence data wiping bug, get patching |
Exploit |
BleepingComputer |
|
3.11.23 |
3,000 Apache ActiveMQ servers vulnerable to RCE attacks exposed online |
Exploit |
BleepingComputer |
|
3.11.23 |
Hackers exploit recent F5 BIG-IP flaws in stealthy attacks |
Exploit |
BleepingComputer |
|
31.10.23 |
Exploit released for critical Cisco IOS XE flaw, many hosts still hacked |
Exploit |
BleepingComputer |
|
31.10.23 |
RCE exploit for Wyze Cam v3 publicly released, patch now |
Exploit |
BleepingComputer |
|
27.10.23 |
Citrix Bleed exploit lets hackers hijack NetScaler accounts |
Exploit |
BleepingComputer |
|
27.10.23 |
iLeakage: New Safari Exploit Impacts Apple iPhones and Macs with A- and M-Series CPUs |
Exploit |
The Hacker News |
|
26.10.23 |
Nation State Hackers Exploiting Zero-Day in Roundcube Webmail Software |
Exploit |
The Hacker News |
|
21.10.23 |
Cisco discloses new IOS XE zero-day exploited to deploy malware implant |
Exploit |
BleepingComputer |
|
21.10.23 |
Cisco Zero-Day Exploited to Implant Malicious Lua Backdoor on Thousands of Devices |
Exploit |
The Hacker News |
19.10.23 |
North Korean hackers exploit critical TeamCity flaw to breach networks |
Exploit |
BleepingComputer |
19.10.23 |
Recently patched Citrix NetScaler bug exploited as zero-day since August |
Exploit |
BleepingComputer |
19.10.23 |
Hackers exploit critical flaw in WordPress Royal Elementor plugin |
Exploit |
BleepingComputer |
19.10.23 |
Cisco warns of new IOS XE zero-day actively exploited in attacks |
Exploit |
BleepingComputer |
19.10.23 |
Microsoft Warns of North Korean Attacks Exploiting JetBrains TeamCity Flaw |
Exploit |
The Hacker News |
19.10.23 |
Google TAG Detects State-Backed Threat Actors Exploiting WinRAR Flaw |
Exploit |
The Hacker News |
19.10.23 |
Critical Citrix NetScaler Flaw Exploited to Target from Government, Tech Firms |
Exploit |
The Hacker News |
16.10.23 |
Binance's Smart Chain Exploited in New 'EtherHiding' Malware Campaign |
Exploit |
The Hacker News |
|
14.10.23 |
Microsoft: State hackers exploiting Confluence zero-day since September |
Exploit |
BleepingComputer |
|
11.10.23 |
Microsoft Warns of Nation-State Hackers Exploiting Critical Atlassian Confluence Vulnerability |
Exploit |
The Hacker News |
|
10.10.23 |
Citrix Devices Under Attack: NetScaler Flaw Exploited to Capture User Credentials |
Exploit |
The Hacker News |
|
7.10.23 |
Exploits released for Linux flaw giving root on major distros |
Exploit |
BleepingComputer |
|
7.10.23 |
Qualcomm says hackers exploit 3 zero-days in its GPU, DSP drivers |
Exploit |
BleepingComputer |
|
7.10.23 |
Exploit available for critical WS_FTP bug exploited in attacks |
Exploit |
BleepingComputer |
|
7.10.23 |
Arm warns of Mali GPU flaws likely exploited in targeted attacks |
Exploit |
BleepingComputer |
|
5.10.23 |
CISA Warns of Active Exploitation of JetBrains and Windows Vulnerabilities |
Exploit |
The Hacker News |
|
5.10.23 |
Atlassian Confluence Hit by New Actively Exploited Zero-Day – Patch Now |
Exploit |
The Hacker News |
|
4.10.23 |
Qualcomm Releases Patch for 3 new Zero-Days Under Active Exploitation |
Exploit |
The Hacker News |
|
3.10.23 |
Arm Issues Patch for Mali GPU Kernel Driver Vulnerability Amidst Ongoing Exploitation |
Exploit |
The Hacker News |
|
1.10.23 |
Millions of Exim mail servers exposed to zero-day RCE attacks |
Exploit |
BleepingComputer |
|
1.10.23 |
Exploit released for Microsoft SharePoint Server auth bypass flaw |
Exploit |
BleepingComputer |
|
1.10.23 |
Hackers actively exploiting Openfire flaw to encrypt servers |
Exploit |
BleepingComputer |
|
30.9.23 |
Cisco Warns of Vulnerability in IOS and IOS XE Software After Exploitation Attempts |
Exploit |
The Hacker News |
|
30.9.23 |
Critical libwebp Vulnerability Under Active Exploitation - Gets Maximum CVSS Score |
Exploit |
The Hacker News |
23.9.23 |
Trend Micro addresses actively exploited zero-day in Apex One and other security Products |
Exploit |
Securityaffairs |
16.9.23 |
Windows 11 ‘ThemeBleed’ RCE bug gets proof-of-concept exploit |
Exploit |
BleepingComputer |
14.9.23 |
Mozilla patches Firefox, Thunderbird against zero-day exploited in attacks |
Exploit |
BleepingComputer |
13.9.23 |
Microsoft Releases Patch for Two New Actively Exploited Zero-Days Flaws |
Exploit |
The Hacker News |
13.9.23 |
Update Adobe Acrobat and Reader to Patch Actively Exploited Vulnerability |
Exploit |
The Hacker News |
13.9.23 |
Mozilla Rushes to Patch WebP Critical Zero-Day Exploit in Firefox and Thunderbird |
Exploit |
The Hacker News |
12.9.23 |
Google Rushes to Patch Critical Chrome Vulnerability Exploited in the Wild - Update Now |
Exploit |
The Hacker News |
10.9.23 |
US CISA added critical Apache RocketMQ flaw to its Known Exploited Vulnerabilities catalog |
Exploit |
Securityaffairs |
8.9.23 |
Cisco warns of VPN zero-day exploited by ransomware gangs |
Exploit |
BleepingComputer |
8.9.23 |
CISA warns of critical Apache RocketMQ bug exploited in attacks |
Exploit |
BleepingComputer |
8.9.23 |
North Korean Hackers Exploit Zero-Day Bug to Target Cybersecurity Researchers |
Exploit |
The Hacker News |
8.9.23 |
CISA Warning: Nation-State Hackers Exploit Fortinet and Zoho Vulnerabilities |
Exploit |
The Hacker News |
7.9.23 |
Google addressed an actively exploited zero-day in Android |
Exploit |
Securityaffairs |
7.9.23 |
Zero-Day Alert: Latest Android Patch Update Includes Fix for Newly Actively Exploited Flaw |
Exploit |
The Hacker News |
6.9.23 |
Publicly available Evil_MinIO exploit used in attacks on MinIO Storage Systems |
Exploit |
Securityaffairs |
6.9.23 |
Hackers exploit MinIO storage system to breach corporate networks |
Exploit |
BleepingComputer |
5.9.23 |
Hackers Exploit MinIO Storage System Vulnerabilities to Compromise Servers |
Exploit |
The Hacker News |
4.9.23 |
PoC exploit code released for CVE-2023-34039 bug in VMware Aria Operations for Networks |
Exploit |
Securityaffairs |
|
3.9.23 |
PoC Exploit Released for Critical VMware Aria's SSH Auth Bypass Vulnerability |
Exploit |
The Hacker News |
|
31.8.23 |
Hackers Can Exploit Windows Container Isolation Framework to Bypass Endpoint Security |
Exploit |
The Hacker News |
|
30.8.23 |
Researchers published PoC exploit code for Juniper SRX firewall flaws |
Exploit |
Securityaffairs |
|
30.8.23 |
Hackers exploit critical Juniper RCE bug chain after PoC release |
Exploit |
BleepingComputer |
|
30.8.23 |
Alert: Juniper Firewalls, Openfire, and Apache RocketMQ Under Attack from New Exploits |
Exploit |
The Hacker News |
|
30.8.23 |
Chinese Hacking Group Exploits Barracuda Zero-Day to Target Government, Military, and Telecom |
Exploit |
The Hacker News |
|
29.8.23 |
Exploit released for Juniper firewall bugs allowing RCE attacks |
Exploit |
BleepingComputer |
|
28.8.23 |
Experts Uncover How Cybercriminals Could Exploit Microsoft Entra ID for Elevated Privilege |
Exploit |
The Hacker News |
|
26.8.23 |
Researchers released PoC exploit for Ivanti Sentry flaw CVE-2023-38035 |
Exploit |
Securityaffairs |
|
26.8.23 |
More than 3,000 Openfire servers exposed to attacks using a new exploit |
Exploit |
Securityaffairs |
|
25.8.23 |
Exploit released for Ivanti Sentry bug abused as zero-day in attacks |
Exploit |
BleepingComputer |
|
25.8.23 |
Hackers use public ManageEngine exploit to breach internet org |
Exploit |
BleepingComputer |
|
20.8.23 |
Hacking ATMs by exploiting flaws in ScrutisWeb ATM fleet software |
Exploit |
Securityaffairs |
|
11.8.23 |
Hackers use open source Merlin post-exploitation toolkit in attacks |
Exploit |
BleepingComputer |
|
10.8.23 |
Emerging Attacker Exploit: Microsoft Cross-Tenant Synchronization |
Exploit |
The Hacker News |
|
4.8.23 |
Rapid7 found a bypass for the recently patched actively exploited Ivanti EPMM bug |
Exploit |
Securityaffairs |
|
4.8.23 |
FBI, CISA, and NSA reveal top exploited vulnerabilities of 2022 |
Exploit |
BleepingComputer |
|
4.8.23 |
Major Cybersecurity Agencies Collaborate to Unveil 2022's Most Exploited Vulnerabilities |
Exploit |
The Hacker News |
|
1.8.23 |
Hackers exploit BleedingPipe RCE to target Minecraft servers, players |
Exploit |
BleepingComputer |
|
31.7.23 |
In 2022, more than 40% of zero-day exploits used in the wild were variations of previous issues |
Exploit |
Securityaffairs |
|
28.7.23 |
Cybersecurity Agencies Warn Against IDOR Bugs Exploited for Data Breaches |
Exploit |
The Hacker News |
23.7.23 |
Over 15K Citrix servers likely vulnerable to CVE-2023-3519 attacks |
Exploit |
BleepingComputer |
22.7.23 |
Netscaler ADC bug exploited to breach US critical infrastructure org |
Exploit |
BleepingComputer |
|
19.7.23 |
Citrix warns of actively exploited zero-day in ADC and Gateway |
Exploit |
Securityaffairs |
|
19.7.23 |
New critical Citrix ADC and Gateway flaw exploited as zero-day |
Exploit |
BleepingComputer |
|
19.7.23 |
Zero-Day Attacks Exploited Critical Vulnerability in Citrix ADC and Gateway |
Exploit |
The Hacker News |
|
18.7.23 |
Adobe warns customers of a critical ColdFusion RCE exploited in attacks |
Exploit |
Securityaffairs |
|
18.7.23 |
Hackers exploiting critical WordPress WooCommerce Payments bug |
Exploit |
BleepingComputer |
|
18.7.23 |
Critical ColdFusion flaws exploited in attacks to drop webshells |
Exploit |
BleepingComputer |
|
18.7.23 |
Cybercriminals Exploiting WooCommerce Payments Plugin Flaw to Hijack Websites |
Exploit |
The Hacker News |
|
18.7.23 |
Hackers Exploit WebAPK to Deceive Android Users into Installing Malicious Apps |
Exploit |
The Hacker News |
|
17.7.23 |
Gamaredon hackers start stealing data 30 minutes after a breach |
Exploit |
BleepingComputer |
|
17.7.23 |
Cybercriminals Exploit Microsoft Word Vulnerabilities to Deploy LokiBot Malware |
Exploit |
The Hacker News |
|
15.7.23 |
Zimbra urges customers to manually fix actively exploited zero-day reported by Google TAG |
Exploit |
Securityaffairs |
|
15.7.23 |
Experts released PoC exploit for Ubiquiti EdgeRouter flaw |
Exploit |
Securityaffairs |
|
15.7.23 |
Rockwell warns of new APT RCE exploit targeting critical infrastructure |
Exploit |
BleepingComputer |
|
13.7.23 |
Hackers exploit Windows policy to load malicious kernel drivers |
Exploit |
BleepingComputer |
|
12.7.23 |
Hackers Exploit Windows Policy Loophole to Forge Kernel-Mode Driver Signatures |
Exploit |
The Hacker News |
|
1.7.23 |
Experts published PoC exploits for Arcserve UDP authentication bypass issue |
Exploit |
Securityaffairs |
|
1.7.23 |
Hackers exploit zero-day in Ultimate Member WordPress plugin with 200K installs |
Exploit |
BleepingComputer |
|
30.6.23 |
Exploit released for new Arcserve UDP auth bypass vulnerability |
Exploit |
BleepingComputer |
|
23.6.23 |
PoC Exploit Published for Cisco AnyConnect Secure Vulnerability |
Exploit |
Securityweek |
|
22.6.23 |
Exploit released for Cisco AnyConnect bug giving SYSTEM privileges |
Exploit |
BleepingComputer |
|
22.6.23 |
ScarCruft Hackers Exploit Ably Service for Stealthy Wiretapping Attacks |
Exploit |
The Hacker News |
17.6.23 |
In Other News: Linux Kernel Exploits, Update on BEC Losses, Cybersecurity Awareness Act |
Exploit |
Securityweek |
|
4.5.23 |
Researchers Uncover New Exploit for PaperCut Vulnerability That Can Bypass Detection |
Exploit |
The Hacker News |
|
2.5.23 |
Alert: Active Exploitation of TP-Link, Apache, and Oracle Vulnerabilities Detected |
Exploit |
The Hacker News |
|
24.4.23 |
Hackers Exploit Outdated WordPress Plugin to Backdoor Thousands of WordPress Sites |
Exploit |
The Hacker News |
|
24.4.23 |
Russian Hackers Suspected in Ongoing Exploitation of Unpatched PaperCut Servers |
Exploit |
The Hacker News |
|
22.4.23 |
CISA Adds 3 Actively Exploited Flaws to KEV Catalog, including Critical PaperCut Bug |
Exploit |
The Hacker News |
|
20.4.23 |
Fortra Sheds Light on GoAnywhere MFT Zero-Day Exploit Used in Ransomware Attacks |
Exploit |
The Hacker News |
|
10.4.23 |
CISA Warns of 5 Actively Exploited Security Flaws: Urgent Action Required |
Exploit |
The Hacker News |
|
5.4.23 |
Hackers Using Self-Extracting Archives Exploit for Stealthy Backdoor Attacks |
Exploit |
The Hacker News |
|
21.3.23 |
Chinese Hackers Exploit Fortinet Zero-Day Flaw for Cyber Espionage Attack |
Exploit |
The Hacker News |
|
17.3.23 |
New GoLang-Based HinataBot Exploiting Router and Server Flaws for DDoS Attacks |
Exploit |
The Hacker News |
16.3.23 |
Multiple Hacker Groups Exploit 3-Year-Old Vulnerability to Breach U.S. Federal Agency |
Exploit |
The Hacker News |
16.3.23 |
Critical Microsoft Outlook bug PoC shows how easy it is to exploit |
Exploit |
Bleepingcomputer |
16.3.23 |
Microsoft fixes Windows zero-day exploited in ransomware attacks |
Exploit |
Bleepingcomputer |
16.3.23 |
Cybercriminals exploit SVB collapse to steal money and data |
Exploit |
Bleepingcomputer |
12.3.23 |
CISA warns of actively exploited Plex bug after LastPass breach |
Exploit |
Bleepingcomputer |
|
2.3.23 |
Hackers Exploit Containerized Environments to Steals Proprietary Data and Software |
Exploit |
The Hacker News |
28.2.23 |
CISA Issues Warning on Active Exploitation of ZK Java Web Framework Vulnerability |
Exploit |
The Hacker News |
28.2.23 |
Researchers Share New Insights Into RIG Exploit Kit Malware's Operations |
Exploit |
The Hacker News |
22.2.23 |
Threat Actors Adopt Havoc Framework for Post-Exploitation in Targeted Attacks |
Exploit |
The Hacker News |
|
7.2.23 |
Hackers Exploit Vulnerabilities in Sunlogin to Deploy Sliver C2 Framework |
Exploit |
The Hacker News |
|
6.2.23 |
Warning: Hackers Actively Exploiting Zero-Day in Fortra's GoAnywhere MFT |
Exploit |
The Hacker News |
|
1.2.23 |
New SH1MMER Exploit for Chromebook Unenrolls Managed ChromeOS Devices |
Exploit |
The Hacker News |
|
26.1.23 |
Researchers Release PoC Exploit for Windows CryptoAPI Bug Discovered by NSA |
Exploit |
The Hacker News |
|
20.1.23 |
Chinese Hackers Exploited Recent Fortinet Flaw as 0-Day to Drop Malware |
Exploit |
The Hacker News |
|
17.1.23 |
Zoho ManageEngine PoC Exploit to be Released Soon - Patch Before It's Too Late! |
Exploit |
The Hacker News |
| | | |