Exploit List - 2024
DATE | NAME | Info | CATEG. | WEB |
21.12.24 | CISA Adds Critical Flaw in BeyondTrust Software to Exploited Vulnerabilities List | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting BeyondTrust Privileged Remote Access | Exploit | |
18.12.24 | Patch Alert: Critical Apache Struts Flaw Found, Exploitation Attempts Detected | Threat actors are attempting to exploit a recently disclosed security flaw impacting Apache Struts that could pave the way for remote code execution. The | Exploit | |
27.10.24 | CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094) | A high-severity flaw impacting Microsoft SharePoint has been added to the Known Exploited Vulnerabilities (KEV) catalog by the U.S. | Exploit | |
27.10.24 | Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials | Unknown threat actors have been observed attempting to exploit a now-patched security flaw in the open-source Roundcube webmail | | |
26.10.24 | CISA Warns of Active Exploitation in SolarWinds Help Desk Software Vulnerability | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting SolarWinds Web | Exploit | The Hacker News |
25.9.24 | Cybersecurity Researchers Warn of New Rust-Based Splinter Post-Exploitation Tool | Cybersecurity researchers have flagged the discovery of a new post-exploitation red team tool called Splinter in the wild. Palo Alto | Exploit | The Hacker News |
21.9.24 | Ivanti warns of another critical CSA flaw exploited in attacks | Today, Ivanti warned that threat actors are exploiting another Cloud Services Appliance (CSA) security flaw in attacks targeting a limited number of customers. | Exploit | |
20.9.24 | Exploit code released for critical Ivanti RCE flaw, patch now | A proof-of-concept (PoC) exploit for CVE-2024-29847, a critical remote code execution (RCE) vulnerability in Ivanti Endpoint Manager, is now publicly released, making it crucial to update devices. | Exploit | |
15.9.24 | Ivanti warns high severity CSA flaw is now exploited in attacks | Ivanti confirmed on Friday that a high severity vulnerability in its Cloud Services Appliance (CSA) solution is now actively exploited in attacks. | Exploit | |
15.9.24 | Hackers targeting WhatsUp Gold with public exploit since August | Hackers have been leveraging publicly available exploit code for two critical vulnerabilities in the WhatsUp Gold network availability and performance monitoring solution from Progress Software. | Exploit | |
13.9.24 | Apple Vision Pro Vulnerability Exposed Virtual Keyboard Inputs to Attackers | Details have emerged about a now-patched security flaw impacting Apple's Vision Pro mixed reality headset that, if successfully | Exploit | The Hacker News |
13.9.24 | Progress WhatsUp Gold Exploited Just Hours After PoC Release for Critical Flaw | Malicious actors are likely leveraging publicly available proof-of-concept (PoC) exploits for recently disclosed security flaws in | Exploit | The Hacker News |
8.9.24 | Cisco fixes root escalation vulnerability with public exploit code | Cisco has fixed a command injection vulnerability in the Identity Services Engine (ISE) with public exploit code that lets attackers escalate privileges to root on vulnerable systems. | Exploit | |
4.9.24 | Google Confirms CVE-2024-32896 Exploited in the Wild, Releases Android Security Patch | Google has released its monthly security updates for the Android operating system to address a known security flaw that it said has | Exploit | The Hacker News |
4.9.24 | Hacktivists Exploits WinRAR Vulnerability in Attacks Against Russia and Belarus | A hacktivist group known as Head Mare has been linked to cyber attacks that exclusively target organizations located in Russia and | Exploit | The Hacker News |
4.9.24 | New Flaws in Microsoft macOS Apps Could Allow Hackers to Gain Unrestricted Access | Eight vulnerabilities have been uncovered in Microsoft applications for macOS that an adversary could exploit to gain elevated privileges | Exploit | The Hacker News |
1.9.24 | North Korean hackers exploit Chrome zero-day to deploy rootkit | North Korean hackers have exploited a recently patched Google Chrome zero-day (CVE-2024-7971) to deploy the FudModule rootkit after gaining SYSTEM privileges using a Windows Kernel exploit. | Exploit | |
30.8.24 | Russian Hackers Exploit Safari and Chrome Flaws in High-Profile Cyberattack | Cybersecurity researchers have flagged multiple in-the-wild exploit campaigns that leveraged now-patched flaws in Apple Safari and | Exploit | The Hacker News |
27.8.24 | Google tags a tenth Chrome zero-day as exploited this year | Today, Google revealed that it patched the tenth zero-day exploited in the wild in 2024 by attackers or security researchers during hacking contests. | Exploit | |
27.8.24 | Versa fixes Director zero-day vulnerability exploited in attacks | Versa Networks has fixed a zero-day vulnerability exploited in the wild that allows attackers to upload malicious files by exploiting an unrestricted file upload flaw in the Versa Director GUI. | Exploit | |
25.8.24 | Hackers are exploiting critical bug in LiteSpeed Cache plugin | Hackers have already started to exploit the critical severity vulnerability that affects LiteSpeed Cache, a WordPress plugin used for accelerating response times, a day after technical details become public. | Exploit | |
23.8.24 | Hackers use PHP exploit to backdoor Windows systems with new malware | Unknown attackers have deployed a newly discovered backdoor dubbed Msupedge on a university's Windows systems in Taiwan, likely by exploiting a recently patched PHP remote code execution vulnerability (CVE-2024-4577). | Exploit | |
23.8.24 | Windows driver zero-day exploited by Lazarus hackers to install rootkit | The notorious North Korean Lazarus hacking group exploited a zero-day flaw in the Windows AFD.sys driver to elevate privileges and install the FUDModule rootkit on targeted systems. | Exploit | |
23.8.24 | CISA warns of Jenkins RCE bug exploited in ransomware attacks | CISA has added a critical Jenkins vulnerability that can be exploited to gain remote code execution to its catalog of security bugs, warning that it's actively exploited in attacks. | Exploit | |
23.8.24 | Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control | Details have emerged about a China-nexus threat group's exploitation of a recently disclosed, now-patched security flaw in | Exploit | The Hacker News |
21.8.24 | Hackers Exploit PHP Vulnerability to Deploy Stealthy Msupedge Backdoor | A previously undocumented backdoor named Msupedge has been put to use against a cyber attack targeting an unnamed university in | Exploit | The Hacker News |
20.8.24 | Thousands of Oracle NetSuite Sites at Risk of Exposing Customer Information | Cybersecurity researchers are warning about the discovery of thousands of externally-facing Oracle NetSuite e-commerce sites | Exploit | The Hacker News |
20.8.24 | Cybercriminals Exploit Popular Software Searches to Spread FakeBat Malware | Cybersecurity researchers have uncovered a surge in malware infections stemming from malvertising campaigns distributing a | Exploit | The Hacker News |
17.8.24 | Ivanti warns of critical vTM auth bypass with public exploit | Today, Ivanti urged customers to patch a critical authentication bypass vulnerability impacting Virtual Traffic Manager (vTM) appliances that can let attackers create rogue administrator accounts. | Exploit | |
17.8.24 | Attackers Exploit Public .env Files to Breach Cloud Accounts in Extortion Campaign | A large-scale extortion campaign has compromised various organizations by taking advantage of publicly accessible | Exploit | The Hacker News |
11.8.24 | CISA warns about actively exploited Apache OFBiz RCE flaw | The U.S. Cybersecurity & Infrastructure Security Agency is warning of two vulnerabilities exploited in attacks, including a path traversal impacting Apache OFBiz. | Exploit | |
11.8.24 | Exploit released for Cisco SSM bug allowing admin password changes | Cisco warns that exploit code is now available for a maximum severity vulnerability that lets attackers change any user password on unpatched Cisco Smart Software Manager On-Prem (Cisco SSM On-Prem) license servers. | Exploit | |
11.8.24 | 18-year-old security flaw in Firefox and Chrome exploited in attacks | A vulnerability disclosed 18 years ago, dubbed "0.0.0.0 Day", allows malicious websites to bypass security in Google Chrome, Mozilla Firefox, and Apple Safari and interact with services on a local network. | Exploit | |
11.8.24 | SEC ends probe into MOVEit attacks impacting 95 million people | The SEC concludes its investigation into Progress Software's handling of the widespread exploitation of a MOVEit Transfer zero-day flaw that exposed data of over 95 million people. | Exploit | |
9.8.24 | Google fixes Android kernel zero-day exploited in targeted attacks | Android security updates this month patch 46 vulnerabilities, including a high-severity remote code execution (RCE) exploited in targeted attacks. | Exploit | |
9.8.24 | Windows Smart App Control, SmartScreen bypass exploited since 2018 | A design flaw in Windows Smart App Control and SmartScreen that enables attackers to launch programs without triggering security warnings has been under exploitation since at least 2018. | Exploit | |
9.8.24 | CISA Warns of Hackers Exploiting Legacy Cisco Smart Install Feature | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has disclosed that threat actors are abusing the legacy Cisco Smart | Exploit | The Hacker News |
7.8.24 | New Linux Kernel Exploit Technique 'SLUBStick' Discovered by Researchers | Cybersecurity researchers have shed light on a novel Linux kernel exploitation technique dubbed SLUBStick that could be exploited to | Exploit | The Hacker News |
4.8.24 | Hackers Exploit Misconfigured Jupyter Notebooks with Repurposed Minecraft DDoS Tool | Cybersecurity researchers have disclosed details of a new distributed denial-of-service (DDoS) attack campaign targeting misconfigured | Exploit | The Hacker News |
3.8.24 | New Specula tool uses Outlook for remote code execution in Windows | Microsoft Outlook can be turned into a C2 beacon to remotely execute code, as demonstrated by a new red team post-exploitation framework named "Specula," released today by cybersecurity firm TrustedSec. | Exploit | |
29.7.24 | Proofpoint Email Routing Flaw Exploited to Send Millions of Spoofed Phishing Emails | An unknown threat actor has been linked to a massive scam campaign that exploited an email routing misconfiguration in email | Exploit | The Hacker News |
25.7.24 | Microsoft Defender Flaw Exploited to Deliver ACR, Lumma, and Meduza Stealers | A now-patched security flaw in the Microsoft Defender SmartScreen has been exploited as part of a new campaign designed to deliver | Exploit | The Hacker News |
16.7.24 | CISA Warns of Actively Exploited RCE Flaw in GeoServer GeoTools Software | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting OSGeo GeoServer | Exploit | The Hacker News |
15.7.24 | Hackers use PoC exploits in attacks 22 minutes after release | Threat actors are quick to weaponize available proof-of-concept (PoC) exploits in actual attacks, sometimes as quickly as 22 minutes after exploits are made publicly available. | Exploit | |
11.7.24 | PHP Vulnerability Exploited to Spread Malware and Launch DDoS Attacks | Multiple threat actors have been observed exploiting a recently disclosed security flaw in PHP to deliver remote access trojans, | Exploit | |
2.7.24 | Cisco warns of NX-OS zero-day exploited to deploy custom malware | Cisco has patched an NX-OS zero-day exploited in April attacks to install previously unknown malware as root on vulnerable switches. | Exploit | |
30.6.24 | Hackers exploit critical D-Link DIR-859 router flaw to steal passwords | Hackers are exploiting a critical vulnerability that affects all D-Link DIR-859 WiFi routers to collect account information from the device, including passwords. | Exploit | |
29.6.24 | Exploit for critical Fortra FileCatalyst Workflow SQLi flaw released | The Fortra FileCatalyst Workflow is vulnerable to an SQL injection vulnerability that could allow remote unauthenticated attackers to create rogue admin users and manipulate data on the application database. | Exploit | |
28.6.24 | 8220 Gang Exploits Oracle WebLogic Server Flaws for Cryptocurrency Mining | Security researchers have shed more light on the cryptocurrency mining operation conducted by the 8220 Gang by exploiting known | Exploit | The Hacker News |
28.6.24 | New SnailLoad Attack Exploits Network Latency to Spy on Users' Web Activities | A group of security researchers from the Graz University of Technology have demonstrated a new side-channel attack known as | Exploit | The Hacker News |
27.6.24 | SolarWinds Serv-U path traversal flaw actively exploited in attacks | Threat actors are actively exploiting a SolarWinds Serv-U path-traversal vulnerability, leveraging publicly available proof-of-concept (PoC) exploits. | Exploit | |
27.6.24 | Exploit Attempts Recorded Against New MOVEit Transfer Vulnerability - Patch ASAP! | A newly disclosed critical security flaw impacting Progress Software MOVEit Transfer is already seeing exploitation attempts in the wild | Exploit | The Hacker News |
17.6.24 | Hackers Exploit Legitimate Websites to Deliver BadSpace Windows Backdoor | Legitimate-but-compromised websites are being used as a conduit to deliver a Windows backdoor dubbed BadSpace under the guise of | Exploit | The Hacker News |
15.6.24 | Google patches exploited Android zero-day on Pixel devices | Google has released patches for 50 security vulnerabilities impacting its Pixel devices and warned that one of them had already been exploited in targeted attacks as a zero-day. | Exploit | |
13.6.24 | Google Warns of Pixel Firmware Security Flaw Exploited as Zero-Day | Google has warned that a security flaw impacting Pixel Firmware has been exploited in the wild as a zero-day. The high-severity | Exploit | The Hacker News |
13.6.24 | Arm warns of actively exploited flaw in Mali GPU kernel drivers | Arm has issued a security bulletin warning of a memory-related vulnerability in Bifrost and Valhall GPU kernel drivers that is being exploited in the wild. | Exploit | |
11.6.24 | Arm Warns of Actively Exploited Zero-Day Vulnerability in Mali GPU Drivers | Arm is warning of a security vulnerability impacting Mali GPU Kernel Driver that it said has been actively exploited in the wild. Tracked as | Exploit | The Hacker News |
9.6.24 | New PHP Vulnerability Exposes Windows Servers to Remote Code Execution | Details have emerged about a new critical security flaw impacting PHP that could be exploited to achieve remote code execution under | Exploit | The Hacker News |
6.6.24 | Hackers Exploit Legitimate Packer Software to Spread Malware Undetected | Threat actors are increasingly abusing legitimate and commercially available packer software such as BoxedApp to evade detection and | Exploit | |
1.6.24 | Check Point VPN zero-day exploited in attacks since April 30 | Threat actors have been exploiting a high-severity Check Point Remote Access VPN zero-day since at least April 30, stealing Active Directory data needed to move laterally through the victims' networks in successful attacks. | Exploit | |
31.5.24 | Exploit released for maximum severity Fortinet RCE bug, patch now | Security researchers have released a proof-of-concept (PoC) exploit for a maximum-severity vulnerability in Fortinet's security information and event management (SIEM) solution, which was patched in February. | Exploit | |
28.5.24 | WordPress Plugin Exploited to Steal Credit Card Data from E-commerce Sites | Unknown threat actors are abusing lesser-known code snippet plugins for WordPress to insert malicious PHP code in victim | Exploit | The Hacker News |
26.5.24 | High-severity GitLab flaw lets attackers take over accounts | GitLab patched a high-severity vulnerability that unauthenticated attackers could exploit to take over user accounts in cross-site scripting (XSS) attacks. | Exploit | |
24.5.24 | Update Chrome Browser Now: 4th Zero-Day Exploit Discovered in May 2024 | Google on Thursday rolled out fixes to address a high-severity security flaw in its Chrome browser that it said has been exploited | Exploit | The Hacker News |
23.5.24 | QNAP QTS zero-day in Share feature gets public RCE exploit | An extensive security audit of QNAP QTS, the operating system for the company's NAS products, has uncovered fifteen vulnerabilities of varying severity, with eleven remaining unfixed. | Exploit | |
23.5.24 | CISA warns of hackers exploiting Chrome, EoL D-Link bugs | The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added three security vulnerabilities to its 'Known Exploited Vulnerabilities' catalog, one impacting Google Chrome and two affecting some D-Link routers. | Exploit | BleepingComputer |
23.5.24 | MS Exchange Server Flaws Exploited to Deploy Keylogger in Targeted Attacks | An unknown threat actor is exploiting known security flaws in Microsoft Exchange Server to deploy a keylogger malware in | Exploit | The Hacker News |
20.5.24 | Foxit PDF Reader Flaw Exploited by Hackers to Deliver Diverse Malware Arsenal | Multiple threat actors are weaponizing a design flaw in Foxit PDF Reader to deliver a variety of malware such as Agent Tesla, | Exploit | The Hacker News |
20.5.24 | Cyber Criminals Exploit GitHub and FileZilla to Deliver Malware Cocktail | A "multi-faceted campaign" has been observed abusing legitimate services like GitHub and FileZilla to deliver an array of stealer | Exploit | The Hacker News |
18.5.24 | Google fixes third actively exploited Chrome zero-day in a week | Google has released a new emergency Chrome security update to address the third zero-day vulnerability exploited in attacks within a week. | Exploit | |
18.5.24 | PoC exploit released for RCE zero-day in D-Link EXO AX4800 routers | The D-Link EXO AX4800 (DIR-X4860) router is vulnerable to remote unauthenticated command execution that could lead to complete device takeovers by attackers with access to the HNAP port. | Exploit | |
16.5.24 | Google Patches Yet Another Actively Exploited Chrome Zero-Day Vulnerability | Google has rolled out fixes to address a set of nine security issues in its Chrome browser, including a new zero-day that has been | Exploit | The Hacker News |
9.5.24 | Hackers exploit LiteSpeed Cache flaw to create WordPress admins | Hackers have been targeting WordPress sites with an outdated version of the LiteSpeed Cache plugin to create administrator users and gain control of the websites. | Exploit | |
8.5.24 | Hackers Exploiting LiteSpeed Cache Bug to Gain Full Control of WordPress Sites | A high-severity flaw impacting the LiteSpeed Cache plugin for WordPress is being actively exploited by threat actors to create | Exploit | The Hacker News |
8.5.24 | Exploits and vulnerabilities in Q1 2024 | Money is what always attracts cybercriminals. A significant share of scam, phishing and malware attacks is about money. With trillions of dollars of digital payments made every year, it is no wonder that attackers target electronic wallets, | Exploit | Securelist |
4.5.24 | Over 1,400 CrushFTP servers vulnerable to actively exploited bug | Over 1,400 CrushFTP servers exposed online were found vulnerable to attacks currently targeting a critical severity server-side template injection (SSTI) vulnerability previously exploited as a zero-day. | Exploit | |
4.5.24 | Maximum severity Flowmon bug has a public exploit, patch now | Proof-of-concept exploit code has been released for a top-severity security vulnerability in Progress Flowmon, a tool for monitoring network performance and visibility. | Exploit | |
4.5.24 | ArcaneDoor hackers exploit Cisco zero-days to breach govt networks | Cisco warned today that a state-backed hacking group has been exploiting two zero-day vulnerabilities in Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) firewalls since November 2023 to breach government networks worldwide. | Exploit | BleepingComputer |
2.5.24 | CISA Warns of Active Exploitation of Severe GitLab Password Reset Vulnerability | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical flaw impacting GitLab to its Known Exploited | Exploit | The Hacker News |
26.4.24 | Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites | Threat actors are attempting to actively exploit a critical security flaw in the WP-Automatic plugin for WordPress that could allow | Exploit | The Hacker News |
23.4.24 | MITRE Corporation Breached by Nation-State Hackers Exploiting Ivanti Flaws | The MITRE Corporation revealed that it was the target of a nation-state cyber attack that exploited two zero-day flaws in Ivanti | Exploit | The Hacker News |
20.4.24 | CrushFTP warns users to patch exploited zero-day “immediately” | CrushFTP warned customers today in a private memo of an actively exploited zero-day vulnerability fixed in new versions released today, urging them to patch their servers immediately. | Exploit | |
20.4.24 | Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks | Users of the CrushFTP enterprise file transfer software are being urged to update to the latest version following the | Exploit | The Hacker News |
18.4.24 | Cisco discloses root escalation flaw with public exploit code | Cisco has released patches for a high-severity Integrated Management Controller (IMC) vulnerability with public exploit code that can let local attackers escalate privileges to root. | Exploit | |
18.4.24 | Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes | Threat actors are actively exploiting critical vulnerabilities in OpenMetadata to gain unauthorized access to Kubernetes | Exploit | The Hacker News |
17.4.24 | Ivanti warns of critical flaws in its Avalanche MDM solution | Ivanti has released security updates to fix 27 vulnerabilities in its Avalanche mobile device management (MDM) solution, two of them critical heap overflows that can be exploited for remote command execution. | Exploit | |
17.4.24 | Botnets Continue Exploiting CVE-2023-1389 for Wide-Scale Spread | Last year, a command injection vulnerability, CVE-2023-1389, was disclosed and a fix developed for the web management interface of the TP-Link Archer AX21 (AX1800). | Exploit | FORTINET |
14.4.24 | Palo Alto Networks zero-day exploited since March to backdoor firewalls | Suspected state-sponsored hackers have been exploiting a zero-day vulnerability in Palo Alto Networks firewalls tracked as CVE-2024-3400 since March 26, using the compromised devices to breach internal networks, steal data and credentials. | Exploit | |
14.4.24 | Palo Alto Networks warns of PAN-OS firewall zero-day used in attacks | Today, Palo Alto Networks warns that an unpatched critical command injection vulnerability in its PAN-OS firewall is being actively exploited in attacks. | Exploit | |
13.4.24 | Microsoft fixes two Windows zero-days exploited in malware attacks | Microsoft has fixed two actively exploited zero-day vulnerabilities during the April 2024 Patch Tuesday, although the company failed to initially tag them as such. | Exploit | |
10.4.24 | Researchers Uncover First Native Spectre v2 Exploit Against Linux Kernel | Cybersecurity researchers have disclosed what they say is the "first native Spectre v2 exploit" against the Linux kernel on Intel systems | Exploit | The Hacker News |
10.4.24 | Critical 'BatBadBut' Rust Vulnerability Exposes Windows Systems to Attacks | A critical security flaw in the Rust standard library could be exploited to target Windows users and stage command injection | Exploit | The Hacker News |
7.4.24 | Hackers Exploit Magento Bug to Steal Payment Data from E-commerce Websites | Threat actors have been found exploiting a critical flaw in Magento to inject a persistent backdoor into e-commerce websites. The | Exploit | The Hacker News |
30.3.24 | CISA tags Microsoft SharePoint RCE bug as actively exploited | CISA warns that attackers are now exploiting a Microsoft SharePoint code injection vulnerability that can be chained with a critical privilege escalation flaw for pre-auth remote code execution attacks. | Exploit | |
30.3.24 | Hackers exploit Ray framework flaw to breach servers, hijack resources | A new hacking campaign dubbed "ShadowRay" targets an unpatched vulnerability in Ray, a popular open-source AI framework, to hijack computing power and leak sensitive data from thousands of companies. | Exploit | |
23.3.24 | Exploit released for Fortinet RCE bug used in attacks, patch now | Security researchers have released a proof-of-concept (PoC) exploit for a critical vulnerability in Fortinet's FortiClient Enterprise Management Server (EMS) software, which is now actively exploited in attacks. | Exploit | |
19.3.24 | Hackers Exploiting Popular Document Publishing Sites for Phishing Attacks | Threat actors are leveraging digital document publishing (DDP) sites hosted on platforms like FlipSnack, Issuu, Marq, Publuu, RelayTo, and Simplebooklet | Exploit | The Hacker News |
13.3.24 | Hackers exploit WordPress plugin flaw to infect 3,300 sites with malware | Hackers are breaching WordPress sites by exploiting a vulnerability in outdated versions of the Popup Builder plugin, infecting over 3,300 websites with malicious code. | Exploit | |
11.3.24 | Proof-of-Concept Exploit Released for Progress Software OpenEdge Vulnerability | Technical specifics and a proof-of-concept (PoC) exploit have been made available for a recently disclosed critical security flaw in Progress Software | Exploit | The Hacker News |
8.3.24 | QEMU Emulator Exploited as Tunneling Tool to Breach Company Network | Threat actors have been observed leveraging the QEMU open-source hardware emulator as tunneling software during a cyber attack targeting an | Exploit | |
8.3.24 | CISA Warns of Actively Exploited JetBrains TeamCity Vulnerability | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting JetBrains TeamCity On- | Exploit | The Hacker News |
7.3.24 | Hackers Exploit Misconfigured YARN, Docker, Confluence, Redis Servers for Crypto Mining | Threat actors are targeting misconfigured and vulnerable servers running Apache Hadoop YARN, Docker, Atlassian Confluence, and Redis services as | Exploit | |
6.3.24 | Exploit available for new critical TeamCity auth bypass bug, patch now | A critical vulnerability (CVE-2024-27198) in the TeamCity On-Premises CI/CD solution from JetBrains can let a remote unauthenticated attacker take control of the server with administrative permissions. | Exploit | |
5.3.24 | Critical JetBrains TeamCity On-Premises Flaws Could Lead to Server Takeovers | A new pair of security vulnerabilities have been disclosed in JetBrains TeamCity On-Premises software that could be exploited by a threat actor to | Exploit | The Hacker News |
4.3.24 | How Cybercriminals are Exploiting India's UPI for Money Laundering Operations | Cybercriminals are using a network of hired money mules in India using an Android-based application to orchestrate a massive money laundering | Exploit | The Hacker News |
1.3.24 | Five Eyes Agencies Warn of Active Exploitation of Ivanti Gateway Vulnerabilities | The Five Eyes (FVEY) intelligence alliance has issued a new cybersecurity advisory warning of cyber threat actors exploiting known security flaws in | Exploit | The Hacker News |
1.3.24 | Lazarus Hackers Exploited Windows Kernel Flaw as Zero-Day in Recent Attacks | The notorious Lazarus Group actors exploited a recently patched privilege escalation flaw in the Windows Kernel as a zero-day to obtain kernel-level | Exploit | |
24.2.24 | ScreenConnect critical bug now under attack as exploit code emerges | Both technical details and proof-of-concept exploits are available for the two vulnerabilities ConnectWise disclosed earlier this week for ScreenConnect, its remote desktop and access software. | Exploit | |
23.2.24 | Over 28,500 Exchange servers vulnerable to actively exploited bug | Up to 97,000 Microsoft Exchange servers may be vulnerable to a critical severity privilege escalation flaw tracked as CVE-2024-21410 that hackers are actively exploiting. | Exploit | |
23.2.24 | Hackers exploit critical RCE flaw in Bricks WordPress site builder | Hackers are actively exploiting a critical remote code execution (RCE) flaw impacting the Brick Builder Theme to run malicious PHP code on vulnerable sites. | Exploit | |
18.2.24 | Over 13,000 Ivanti gateways vulnerable to actively exploited bugs | Thousands of Ivanti Connect Secure and Policy Secure endpoints remain vulnerable to multiple security issues first disclosed more than a month ago and which the vendor gradually patched. | Exploit | |
18.2.24 | New critical Microsoft Outlook RCE bug is trivial to exploit | Microsoft says remote unauthenticated attackers can trivially exploit a critical Outlook security vulnerability that also lets them bypass the Office Protected View. | Exploit | |
17.2.24 | CISA: Roundcube email server bug now exploited in attacks | CISA warns that a Roundcube email server vulnerability patched in September is now actively exploited in cross-site scripting (XSS) attacks. | Exploit | |
10.2.24 | New Fortinet RCE bug is actively exploited, CISA confirms | CISA confirmed today that attackers are actively exploiting a critical remote code execution (RCE) bug patched by Fortinet on Thursday. | Exploit | |
10.2.24 | New Fortinet RCE flaw in SSL VPN likely exploited in attacks | Fortinet is warning that a new critical remote code execution vulnerability in FortiOS SSL VPN is potentially being exploited in attacks. | Exploit | |
10.2.24 | Raspberry Robin Malware Upgrades with Discord Spread and New Exploits | The operators of Raspberry Robin are now using two new one-day exploits to achieve local privilege escalation, even as the malware continues to be | Exploit | The Hacker News |
9.2.24 | Fortinet Warns of Critical FortiOS SSL VPN Flaw Likely Under Active Exploitation | Fortinet has disclosed a new critical security flaw in FortiOS SSL VPN that it said is likely being exploited in the wild. The vulnerability, CVE-2024-21762 | Exploit | The Hacker News |
8.2.24 | Critical Patches Released for New Flaws in Cisco, Fortinet, VMware Products | Cisco, Fortinet, and VMware have released security fixes for multiple security vulnerabilities, including critical weaknesses that could be exploited | Exploit | The Hacker News |
7.2.24 | Chinese Hackers Exploited FortiGate Flaw to Breach Dutch Military Network | Chinese state-backed hackers broke into a computer network that's used by the Dutch armed forces by targeting Fortinet FortiGate devices. "This | Exploit | The Hacker News |
6.2.24 | Recent SSRF Flaw in Ivanti VPN Products Undergoes Mass Exploitation | A recently disclosed server-side request forgery (SSRF) vulnerability impacting Ivanti Connect Secure and Policy Secure products has come | Exploit | The Hacker News |
5.2.24 | New Mispadu Banking Trojan Exploiting Windows SmartScreen Flaw | The threat actors behind the Mispadu banking Trojan have become the latest to exploit a now-patched Windows SmartScreen security bypass flaw to | Exploit | The Hacker News |
2.2.24 | Exploits released for critical Jenkins RCE flaw, patch now | Multiple proof-of-concept (PoC) exploits for a critical Jenkins vulnerability allowing unauthenticated attackers to read arbitrary files have been made publicly available, with some researchers reporting attackers actively exploiting the flaws in attacks. | Exploit | |
2.2.24 | Warning: New Malware Emerges in Attacks Exploiting Ivanti VPN Vulnerabilities | Google-owned Mandiant said it identified new malware employed by a China-nexus espionage threat actor known as UNC5221 and other threat groups | Exploit | The Hacker News |
1.2.24 | RunC Flaws Enable Container Escapes, Granting Attackers Host Access | Multiple security vulnerabilities have been disclosed in the runC command line tool that could be exploited by threat actors to escape the bounds of the | Exploit | The Hacker News |
1.2.24 | Alert: Ivanti Discloses 2 New Zero-Day Flaws, One Under Active Exploitation | Ivanti is alerting of two new high-severity flaws in its Connect Secure and Policy Secure products, one of which is said to have come under targeted exploitation in the wild. | Exploit | The Hacker News |
31.1.24 | Exploit released for Fortra GoAnywhere MFT auth bypass bug | Exploit code is now available for a critical authentication bypass vulnerability in Fortra's GoAnywhere MFT (Managed File Transfer) software that allows attackers to create new admin users on unpatched instances via the administration portal. | Exploit | |
31.1.24 | Hackers start exploiting critical Atlassian Confluence RCE flaw | Security researchers are observing exploitation attempts for the CVE-2023-22527 remote code execution vulnerability that affects outdated versions of Atlassian Confluence servers. | Exploit | |
24.1.24 | Google Kubernetes Misconfig Lets Any Gmail Account Control Your Clusters | Cybersecurity researchers have discovered a loophole impacting Google Kubernetes Engine (GKE) that could be potentially exploited by threat actors | Exploit | The Hacker News |
22.1.24 | Apache ActiveMQ Flaw Exploited in New Godzilla Web Shell Attacks | Cybersecurity researchers are warning of a "notable increase" in threat actor activity actively exploiting a now-patched flaw in Apache ActiveMQ to deliver | Exploit | The Hacker News |
21.1.24 | VMware confirms critical vCenter flaw now exploited in attacks | VMware has confirmed that a critical vCenter Server remote code execution vulnerability patched in October is now under active exploitation. | Exploit | |
20.1.24 | CISA: Critical Ivanti auth bypass bug now actively exploited | CISA warns that a critical authentication bypass vulnerability in Ivanti's Endpoint Manager Mobile (EPMM) and MobileIron Core device management software (patched in August 2023) is now under active exploitation. | Exploit | |
20.1.24 | CISA pushes federal agencies to patch Citrix RCE within a week | Today, CISA ordered U.S. federal agencies to secure their systems against three recently patched Citrix NetScaler and Google Chrome zero-days actively exploited in attacks. | Exploit | |
20.1.24 | CISA Issues Emergency Directive to Federal Agencies on Ivanti Zero-Day Exploits | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday issued an emergency directive urging Federal Civilian Executive Branch | Exploit | The Hacker News |
19.1.24 | Windows SmartScreen flaw exploited to drop Phemedrone malware | A Phemedrone information-stealing malware campaign exploits a Microsoft Defender SmartScreen vulnerability (CVE-2023-36025) to bypass Windows security prompts when opening URL files. | Exploit | |
17.1.24 | Zero-Day Alert: Update Chrome Now to Fix New Actively Exploited Vulnerability | Google on Tuesday released updates to fix four security issues in its Chrome browser, including an actively exploited zero-day flaw. The issue, tracked as | Exploit | The Hacker News |
17.1.24 | Alert: Over 178,000 SonicWall Firewalls Potentially Vulnerable to Exploits - Act Now | Over 178,000 SonicWall firewalls exposed over the internet are vulnerable to at least one of the two security flaws that could be potentially exploited to cause | Exploit | The Hacker News |
13.1.24 | CISA: Critical Microsoft SharePoint bug now actively exploited | CISA warns that attackers are now exploiting a critical Microsoft SharePoint privilege escalation vulnerability that can be chained with another critical bug for remote code execution. | Exploit | |
13.1.24 | Nation-State Actors Weaponize Ivanti VPN Zero-Days, Deploying 5 Malware Families | As many as five different malware families were deployed by suspected nation-state actors as part of post-exploitation activities leveraging two zero-day | Exploit | The Hacker News |
12.1.24 | Act Now: CISA Flags Active Exploitation of Microsoft SharePoint Vulnerability | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security vulnerability impacting Microsoft SharePoint Server to its | Exploit | The Hacker News |
12.1.24 | New PoC Exploit for Apache OfBiz Vulnerability Poses Risk to ERP Systems | Cybersecurity researchers have developed a proof-of-concept (PoC) code that exploits a recently disclosed critical flaw in the Apache OfBiz open-source | Exploit | The Hacker News |
11.1.24 | Ivanti warns of Connect Secure zero-days exploited in attacks | Ivanti has disclosed two Connect Secure (ICS) and Policy Secure zero-days exploited in the wild that can let remote attackers execute arbitrary commands on targeted gateways. | Exploit | |
11.1.24 | CISA warns agencies of fourth flaw used in Triangulation spyware attacks | The U.S. Cybersecurity and Infrastructure Security Agency has added to its Known Exploited Vulnerabilities catalog six vulnerabilities that impact products from Adobe, Apache, D-Link, and Joomla. | Exploit | |
10.1.24 | Turkish Hackers Exploiting Poorly Secured MS SQL Servers Across the Globe | Poorly secured Microsoft SQL (MS SQL) servers are being targeted in the U.S., European Union, and Latin American (LATAM) regions as part of an ongoing | Exploit | The Hacker News |
3.1.24 | SMTP Smuggling: New Flaw Lets Attackers Bypass Security and Spoof Emails | A new exploitation technique called Simple Mail Transfer Protocol (SMTP) smuggling can be weaponized by threat actors to send spoofed emails. | Exploit | The Hacker News |