Exploit  List -  2024  2023  2021  2020  2019  2018

DATE

NAME

Info

CATEG.

WEB

21.12.24CISA Adds Critical Flaw in BeyondTrust Software to Exploited Vulnerabilities ListThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting BeyondTrust Privileged Remote AccessExploit

The Hacker News

18.12.24Patch Alert: Critical Apache Struts Flaw Found, Exploitation Attempts DetectedThreat actors are attempting to exploit a recently disclosed security flaw impacting Apache Struts that could pave the way for remote code execution. TheExploit

The Hacker News

27.10.24

CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094)A high-severity flaw impacting Microsoft SharePoint has been added to the Known Exploited Vulnerabilities ( KEV ) catalog by the U.S.Exploit

The Hacker News

27.10.24

Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials

Unknown threat actors have been observed attempting to exploit a now-patched security flaw in the open-source Roundcube webmail

Exploit

The Hacker News

26.10.24CISA Warns of Active Exploitation in SolarWinds Help Desk Software VulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting SolarWinds WebExploitThe Hacker News

25.9.24

Cybersecurity Researchers Warn of New Rust-Based Splinter Post-Exploitation ToolCybersecurity researchers have flagged the discovery of a new post-exploitation red team tool called Splinter in the wild. Palo AltoExploitThe Hacker News

21.9.24

Ivanti warns of another critical CSA flaw exploited in attacksToday, Ivanti warned that threat actors are exploiting another Cloud Services Appliance (CSA) security flaw in attacks targeting a limited number of customers.Exploit

BleepingComputer

20.9.24

Exploit code released for critical Ivanti RCE flaw, patch nowA proof-of-concept (PoC) exploit for CVE-2024-29847, a critical remote code execution (RCE) vulnerability in Ivanti Endpoint Manager, is now publicly released, making it crucial to update devices.Exploit

BleepingComputer

15.9.24

Ivanti warns high severity CSA flaw is now exploited in attacksIvanti confirmed on Friday that a high severity vulnerability in its Cloud Services Appliance (CSA) solution is now actively exploited in attacks. Exploit

BleepingComputer

15.9.24

Hackers targeting WhatsUp Gold with public exploit since AugustHackers have been leveraging publicly available exploit code for two critical vulnerabilities in the WhatsUp Gold network availability and performance monitoring solution from Progress Software.Exploit

BleepingComputer

13.9.24

Apple Vision Pro Vulnerability Exposed Virtual Keyboard Inputs to AttackersDetails have emerged about a now-patched security flaw impacting Apple's Vision Pro mixed reality headset that, if successfullyExploitThe Hacker News

13.9.24

Progress WhatsUp Gold Exploited Just Hours After PoC Release for Critical FlawMalicious actors are likely leveraging publicly available proof-of-concept (PoC) exploits for recently disclosed security flaws inExploitThe Hacker News

8.9.24

Cisco fixes root escalation vulnerability with public exploit codeCisco has fixed a command injection vulnerability in the Identity Services Engine (ISE) with public exploit code that lets attackers escalate privileges to root on vulnerable systems.Exploit

BleepingComputer

4.9.24

Google Confirms CVE-2024-32896 Exploited in the Wild, Releases Android Security PatchGoogle has released its monthly security updates for the Android operating system to address a known security flaw that it said hasExploitThe Hacker News

4.9.24

Hacktivists Exploits WinRAR Vulnerability in Attacks Against Russia and BelarusA hacktivist group known as Head Mare has been linked to cyber attacks that exclusively target organizations located in Russia andExploitThe Hacker News

4.9.24

New Flaws in Microsoft macOS Apps Could Allow Hackers to Gain Unrestricted AccessEight vulnerabilities have been uncovered in Microsoft applications for macOS that an adversary could exploit to gain elevated privilegesExploitThe Hacker News

1.9.24

North Korean hackers exploit Chrome zero-day to deploy rootkitNorth Korean hackers have exploited a recently patched Google Chrome zero-day (CVE-2024-7971) to deploy the FudModule rootkit after gaining SYSTEM privileges using a Windows Kernel exploit.Exploit

BleepingComputer

30.8.24

Russian Hackers Exploit Safari and Chrome Flaws in High-Profile CyberattackCybersecurity researchers have flagged multiple in-the-wild exploit campaigns that leveraged now-patched flaws in Apple Safari andExploitThe Hacker News

27.8.24

Google tags a tenth Chrome zero-day as exploited this yearToday, Google revealed that it patched the tenth zero-day exploited in the wild in 2024 by attackers or security researchers during hacking contests.Exploit

BleepingComputer

27.8.24

Versa fixes Director zero-day vulnerability exploited in attacksVersa Networks has fixed a zero-day vulnerability exploited in the wild that allows attackers to upload malicious files by exploiting an unrestricted file upload flaw in the Versa Director GUI.Exploit

BleepingComputer

25.8.24

Hackers are exploiting critical bug in LiteSpeed Cache pluginHackers have already started to exploit the critical severity vulnerability that affects LiteSpeed Cache, a WordPress plugin used for accelerating response times, a day after technical details become public.Exploit

BleepingComputer

23.8.24

Hackers use PHP exploit to backdoor Windows systems with new malwareUnknown attackers have deployed a newly discovered backdoor dubbed Msupedge on a university's Windows systems in Taiwan, likely by exploiting a recently patched PHP remote code execution vulnerability (CVE-2024-4577).Exploit

BleepingComputer

23.8.24

Windows driver zero-day exploited by Lazarus hackers to install rootkitThe notorious North Korean Lazarus hacking group exploited a zero-day flaw in the Windows AFD.sys driver to elevate privileges and install the FUDModule rootkit on targeted systems.Exploit

BleepingComputer

23.8.24

CISA warns of Jenkins RCE bug exploited in ransomware attacks​CISA has added a critical Jenkins vulnerability that can be exploited to gain remote code execution to its catalog of security bugs, warning that it's actively exploited in attacks.Exploit

BleepingComputer

23.8.24

Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System ControlDetails have emerged about a China-nexus threat group's exploitation of a recently disclosed, now-patched security flaw inExploitThe Hacker News

21.8.24

Hackers Exploit PHP Vulnerability to Deploy Stealthy Msupedge BackdoorA previously undocumented backdoor named Msupedge has been put to use against a cyber attack targeting an unnamed university inExploitThe Hacker News

20.8.24

Thousands of Oracle NetSuite Sites at Risk of Exposing Customer InformationCybersecurity researchers are warning about the discovery of thousands of externally-facing Oracle NetSuite e-commerce sitesExploitThe Hacker News

20.8.24

Cybercriminals Exploit Popular Software Searches to Spread FakeBat MalwareCybersecurity researchers have uncovered a surge in malware infections stemming from malvertising campaigns distributing aExploitThe Hacker News

17.8.24

Ivanti warns of critical vTM auth bypass with public exploitToday, Ivanti urged customers to patch a critical authentication bypass vulnerability impacting Virtual Traffic Manager (vTM) appliances that can let attackers create rogue administrator accounts.Exploit

BleepingComputer

17.8.24

Attackers Exploit Public .env Files to Breach Cloud Accounts in Extortion CampaignA large-scale extortion campaign has compromised various organizations by taking advantage of publicly accessibleExploitThe Hacker News

11.8.24

CISA warns about actively exploited Apache OFBiz RCE flawThe U.S. Cybersecurity & Infrastructure Security Agency is warning of two vulnerabilities exploited in attacks, including a path traversal impacting Apache OFBiz.Exploit

BleepingComputer

11.8.24

Exploit released for Cisco SSM bug allowing admin password changesCisco warns that exploit code is now available for a maximum severity vulnerability that lets attackers change any user password on unpatched Cisco Smart Software Manager On-Prem (Cisco SSM On-Prem) license servers.Exploit

BleepingComputer

11.8.24

18-year-old security flaw in Firefox and Chrome exploited in attacksA vulnerability disclosed 18 years ago, dubbed "0.0.0.0 Day", allows malicious websites to bypass security in Google Chrome, Mozilla Firefox, and Apple Safari and interact with services on a local network.Exploit

BleepingComputer

11.8.24

SEC ends probe into MOVEit attacks impacting 95 million peopleThe SEC concludes its investigation into Progress Software's handling of the widespread exploitation of a MOVEit Transfer zero-day flaw that exposed data of over 95 million people.Exploit

BleepingComputer

9.8.24

Google fixes Android kernel zero-day exploited in targeted attacksAndroid security updates this month patch 46 vulnerabilities, including a high-severity remote code execution (RCE) exploited in targeted attacks.Exploit

BleepingComputer

9.8.24

Windows Smart App Control, SmartScreen bypass exploited since 2018A design flaw in Windows Smart App Control and SmartScreen that enables attackers to launch programs without triggering security warnings has been under exploitation since at least 2018.Exploit

BleepingComputer

9.8.24

CISA Warns of Hackers Exploiting Legacy Cisco Smart Install FeatureThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has disclosed that threat actors are abusing the legacy Cisco SmartExploitThe Hacker News

7.8.24

New Linux Kernel Exploit Technique 'SLUBStick' Discovered by ResearchersCybersecurity researchers have shed light on a novel Linux kernel exploitation technique dubbed SLUBStick that could be exploited toExploitThe Hacker News

4.8.24

Hackers Exploit Misconfigured Jupyter Notebooks with Repurposed Minecraft DDoS ToolCybersecurity researchers have disclosed details of a new distributed denial-of-service (DDoS) attack campaign targeting misconfiguredExploitThe Hacker News

3.8.24

New Specula tool uses Outlook for remote code execution in WindowsMicrosoft Outlook can be turned into a C2 beacon to remotely execute code, as demonstrated by a new red team post-exploitation framework named "Specula," released today by cybersecurity firm TrustedSec.Exploit

BleepingComputer

29.7.24

Proofpoint Email Routing Flaw Exploited to Send Millions of Spoofed Phishing EmailsAn unknown threat actor has been linked to a massive scam campaign that exploited an email routing misconfiguration in emailExploitThe Hacker News

25.7.24

Microsoft Defender Flaw Exploited to Deliver ACR, Lumma, and Meduza StealersA now-patched security flaw in the Microsoft Defender SmartScreen has been exploited as part of a new campaign designed to deliverExploitThe Hacker News

16.7.24

CISA Warns of Actively Exploited RCE Flaw in GeoServer GeoTools SoftwareThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting OSGeo GeoServerExploitThe Hacker News

15.7.24

Hackers use PoC exploits in attacks 22 minutes after releaseThreat actors are quick to weaponize available proof-of-concept (PoC) exploits in actual attacks, sometimes as quickly as 22 minutes after exploits are made publicly available.Exploit

BleepingComputer

11.7.24

PHP Vulnerability Exploited to Spread Malware and Launch DDoS AttacksMultiple threat actors have been observed exploiting a recently disclosed security flaw in PHP to deliver remote access trojans,Exploit

The Hacker News

2.7.24

Cisco warns of NX-OS zero-day exploited to deploy custom malwareCisco has patched an NX-OS zero-day exploited in April attacks to install previously unknown malware as root on vulnerable switches.Exploit

BleepingComputer

30.6.24

Hackers exploit critical D-Link DIR-859 router flaw to steal passwordsHackers are exploiting a critical vulnerability that affects all D-Link DIR-859 WiFi routers to collect account information from the device, including passwords.Exploit

BleepingComputer

29.6.24

Exploit for critical Fortra FileCatalyst Workflow SQLi flaw releasedThe Fortra FileCatalyst Workflow is vulnerable to an SQL injection vulnerability that could allow remote unauthenticated attackers to create rogue admin users and manipulate data on the application database.Exploit

BleepingComputer

28.6.248220 Gang Exploits Oracle WebLogic Server Flaws for Cryptocurrency MiningSecurity researchers have shed more light on the cryptocurrency mining operation conducted by the 8220 Gang by exploiting knownExploitThe Hacker News
28.6.24New SnailLoad Attack Exploits Network Latency to Spy on Users' Web ActivitiesA group of security researchers from the Graz University of Technology have demonstrated a new side-channel attack known asExploitThe Hacker News
27.6.24SolarWinds Serv-U path traversal flaw actively exploited in attacksThreat actors are actively exploiting a SolarWinds Serv-U path-traversal vulnerability, leveraging publicly available proof-of-concept (PoC) exploits.Exploit

BleepingComputer

27.6.24Exploit Attempts Recorded Against New MOVEit Transfer Vulnerability - Patch ASAP!A newly disclosed critical security flaw impacting Progress Software MOVEit Transfer is already seeing exploitation attempts in the wildExploitThe Hacker News
17.6.24Hackers Exploit Legitimate Websites to Deliver BadSpace Windows BackdoorLegitimate-but-compromised websites are being used as a conduit to deliver a Windows backdoor dubbed BadSpace under the guise ofExploitThe Hacker News
15.6.24Google patches exploited Android zero-day on Pixel devicesGoogle has released patches for 50 security vulnerabilities impacting its Pixel devices and warned that one of them had already been exploited in targeted attacks as a zero-day.Exploit

BleepingComputer

13.6.24Google Warns of Pixel Firmware Security Flaw Exploited as Zero-DayGoogle has warned that a security flaw impacting Pixel Firmware has been exploited in the wild as a zero-day. The high-severityExploitThe Hacker News
13.6.24Arm warns of actively exploited flaw in Mali GPU kernel driversArm has issued a security bulletin warning of a memory-related vulnerability in Bifrost and Valhall GPU kernel drivers that is being exploited in the wild.Exploit

BleepingComputer

11.6.24Arm Warns of Actively Exploited Zero-Day Vulnerability in Mali GPU DriversArm is warning of a security vulnerability impacting Mali GPU Kernel Driver that it said has been actively exploited in the wild. Tracked asExploitThe Hacker News
9.6.24New PHP Vulnerability Exposes Windows Servers to Remote Code ExecutionDetails have emerged about a new critical security flaw impacting PHP that could be exploited to achieve remote code execution underExploitThe Hacker News

6.6.24

Hackers Exploit Legitimate Packer Software to Spread Malware UndetectedThreat actors are increasingly abusing legitimate and commercially available packer software such as BoxedApp to evade detection andExploit

The Hacker News

1.6.24

Check Point VPN zero-day exploited in attacks since April 30Threat actors have been exploiting a high-severity Check Point Remote Access VPN zero-day since at least April 30, stealing Active Directory data needed to move laterally through the victims' networks in successful attacks.Exploit

BleepingComputer

31.5.24

Exploit released for maximum severity Fortinet RCE bug, patch now​Security researchers have released a proof-of-concept (PoC) exploit for a maximum-severity vulnerability in Fortinet's security information and event management (SIEM) solution, which was patched in February.Exploit

BleepingComputer

28.5.24

WordPress Plugin Exploited to Steal Credit Card Data from E-commerce Sites

Unknown threat actors are abusing lesser-known code snippet plugins for WordPress to insert malicious PHP code in victimExploitThe Hacker News

26.5.24

High-severity GitLab flaw lets attackers take over accountsGitLab patched a high-severity vulnerability that unauthenticated attackers could exploit to take over user accounts in cross-site scripting (XSS) attacks.Exploit

BleepingComputer

24.5.24

Update Chrome Browser Now: 4th Zero-Day Exploit Discovered in May 2024Google on Thursday rolled out fixes to address a high-severity security flaw in its Chrome browser that it said has been exploitedExploitThe Hacker News

23.5.24

QNAP QTS zero-day in Share feature gets public RCE exploitAn extensive security audit of QNAP QTS, the operating system for the company's NAS products, has uncovered fifteen vulnerabilities of varying severity, with eleven remaining unfixed.Exploit

BleepingComputer

23.5.24

CISA warns of hackers exploiting Chrome, EoL D-Link bugsThe U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added three security vulnerabilities to its 'Known Exploited Vulnerabilities' catalog, one impacting Google Chrome and two affecting some D-Link routers.ExploitBleepingComputer

23.5.24

MS Exchange Server Flaws Exploited to Deploy Keylogger in Targeted AttacksAn unknown threat actor is exploiting known security flaws in Microsoft Exchange Server to deploy a keylogger malware inExploitThe Hacker News

20.5.24

Foxit PDF Reader Flaw Exploited by Hackers to Deliver Diverse Malware ArsenalMultiple threat actors are weaponizing a design flaw in Foxit PDF Reader to deliver a variety of malware such as Agent Tesla,ExploitThe Hacker News

20.5.24

Cyber Criminals Exploit GitHub and FileZilla to Deliver Malware CocktailA "multi-faceted campaign" has been observed abusing legitimate services like GitHub and FileZilla to deliver an array of stealerExploitThe Hacker News

18.5.24

Google fixes third actively exploited Chrome zero-day in a weekGoogle has released a new emergency Chrome security update to address the third zero-day vulnerability exploited in attacks within a week.Exploit

BleepingComputer

18.5.24

PoC exploit released for RCE zero-day in D-Link EXO AX4800 routersThe D-Link EXO AX4800 (DIR-X4860) router is vulnerable to remote unauthenticated command execution that could lead to complete device takeovers by attackers with access to the HNAP port.Exploit

BleepingComputer

16.5.24

Google Patches Yet Another Actively Exploited Chrome Zero-Day VulnerabilityGoogle has rolled out fixes to address a set of nine security issues in its Chrome browser, including a new zero-day that has beenExploitThe Hacker News
9.5.24Hackers exploit LiteSpeed Cache flaw to create WordPress adminsHackers have been targeting WordPress sites with an outdated version of the LiteSpeed Cache plugin to create administrator users and gain control of the websites.Exploit

BleepingComputer

8.5.24Hackers Exploiting LiteSpeed Cache Bug to Gain Full Control of WordPress SitesA high-severity flaw impacting the LiteSpeed Cache plugin for WordPress is being actively exploited by threat actors to createExploitThe Hacker News
8.5.24Exploits and vulnerabilities in Q1 2024Money is what always attracts cybercriminals. A significant share of scam, phishing and malware attacks is about money. With trillions of dollars of digital payments made every year, it is no wonder that attackers target electronic wallets, ExploitSecurelist
4.5.24Over 1,400 CrushFTP servers vulnerable to actively exploited bug​Over 1,400 CrushFTP servers exposed online were found vulnerable to attacks currently targeting a critical severity server-side template injection (SSTI) vulnerability previously exploited as a zero-day.Exploit

BleepingComputer

4.5.24Maximum severity Flowmon bug has a public exploit, patch nowProof-of-concept exploit code has been released for a top-severity security vulnerability in Progress Flowmon, a tool for monitoring network performance and visibility.Exploit

BleepingComputer

4.5.24ArcaneDoor hackers exploit Cisco zero-days to breach govt networksCisco warned today that a state-backed hacking group has been exploiting two zero-day vulnerabilities in Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) firewalls since November 2023 to breach government networks worldwide.ExploitBleepingComputer
2.5.24

CISA Warns of Active Exploitation of Severe GitLab Password Reset Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical flaw impacting GitLab to its Known ExploitedExploitThe Hacker News
26.4.24Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress SitesThreat actors are attempting to actively exploit a critical security flaw in the WP‑Automatic plugin for WordPress that could allowExploitThe Hacker News
23.4.24MITRE Corporation Breached by Nation-State Hackers Exploiting Ivanti FlawsThe MITRE Corporation revealed that it was the target of a nation-state cyber attack that exploited two zero-day flaws in IvantiExploitThe Hacker News
20.4.24CrushFTP warns users to patch exploited zero-day “immediately”CrushFTP warned customers today in a private memo of an actively exploited zero-day vulnerability fixed in new versions released today, urging them to patch their servers immediately.Exploit

BleepingComputer

20.4.24Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted AttacksUsers of the CrushFTP enterprise file transfer software are being urged to update to the latest version following theExploitThe Hacker News
18.4.24Cisco discloses root escalation flaw with public exploit codeCisco has released patches for a high-severity Integrated Management Controller (IMC) vulnerability with public exploit code that can let local attackers escalate privileges to root.Exploit

BleepingComputer

18.4.24Hackers Exploit OpenMetadata Flaws to Mine Crypto on KubernetesThreat actors are actively exploiting critical vulnerabilities in OpenMetadata to gain unauthorized access to KubernetesExploitThe Hacker News
17.4.24Ivanti warns of critical flaws in its Avalanche MDM solutionIvanti has released security updates to fix 27 vulnerabilities in its Avalanche mobile device management (MDM) solution, two of them critical heap overflows that can be exploited for remote command execution.Exploit

BleepingComputer

17.4.24Botnets Continue Exploiting CVE-2023-1389 for Wide-Scale SpreadLast year, a command injection vulnerability, CVE-2023-1389, was disclosed and a fix developed for the web management interface of the TP-Link Archer AX21 (AX1800).ExploitFORTINET
14.4.24Palo Alto Networks zero-day exploited since March to backdoor firewallsSuspected state-sponsored hackers have been exploiting a zero-day vulnerability in Palo Alto Networks firewalls tracked as CVE-2024-3400 since March 26, using the compromised devices to breach internal networks, steal data and credentials.Exploit

BleepingComputer

14.4.24Palo Alto Networks warns of PAN-OS firewall zero-day used in attacksToday, Palo Alto Networks warns that an unpatched critical command injection vulnerability in its PAN-OS firewall is being actively exploited in attacks.Exploit

BleepingComputer

13.4.24Microsoft fixes two Windows zero-days exploited in malware attacksMicrosoft has fixed two actively exploited zero-day vulnerabilities during the April 2024 Patch Tuesday, although the company failed to initially tag them as such.Exploit

BleepingComputer

10.4.24Researchers Uncover First Native Spectre v2 Exploit Against Linux KernelCybersecurity researchers have disclosed what they say is the "first native Spectre v2 exploit" against the Linux kernel on Intel systemsExploitThe Hacker News
10.4.24Critical 'BatBadBut' Rust Vulnerability Exposes Windows Systems to AttacksA critical security flaw in the Rust standard library could be exploited to target Windows users and stage command injectionExploitThe Hacker News
7.4.24Hackers Exploit Magento Bug to Steal Payment Data from E-commerce WebsitesThreat actors have been found exploiting a critical flaw in Magento to inject a persistent backdoor into e-commerce websites. TheExploitThe Hacker News
30.3.24CISA tags Microsoft SharePoint RCE bug as actively exploitedCISA warns that attackers are now exploiting a Microsoft SharePoint code injection vulnerability that can be chained with a critical privilege escalation flaw for pre-auth remote code execution attacks.Exploit

BleepingComputer

30.3.24Hackers exploit Ray framework flaw to breach servers, hijack resourcesA new hacking campaign dubbed "ShadowRay" targets an unpatched vulnerability in Ray, a popular open-source AI framework, to hijack computing power and leak sensitive data from thousands of companies.Exploit

BleepingComputer

23.3.24Exploit released for Fortinet RCE bug used in attacks, patch nowSecurity researchers have released a proof-of-concept (PoC) exploit for a critical vulnerability in Fortinet's FortiClient Enterprise Management Server (EMS) software, which is now actively exploited in attacks.Exploit

BleepingComputer

19.3.24Hackers Exploiting Popular Document Publishing Sites for Phishing AttacksThreat actors are leveraging digital document publishing (DDP) sites hosted on platforms like FlipSnack, Issuu, Marq, Publuu, RelayTo, and SimplebookletExploitThe Hacker News
13.3.24Hackers exploit WordPress plugin flaw to infect 3,300 sites with malwareHackers are breaching WordPress sites by exploiting a vulnerability in outdated versions of the Popup Builder plugin, infecting over 3,300 websites with malicious code.Exploit

BleepingComputer

11.3.24Proof-of-Concept Exploit Released for Progress Software OpenEdge VulnerabilityTechnical specifics and a proof-of-concept (PoC) exploit have been made available for a recently disclosed critical security flaw in Progress SoftwareExploitThe Hacker News
8.3.24QEMU Emulator Exploited as Tunneling Tool to Breach Company NetworkThreat actors have been observed leveraging the QEMU open-source hardware emulator as tunneling software during a cyber attack targeting anExploit

The Hacker News

8.3.24CISA Warns of Actively Exploited JetBrains TeamCity VulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting JetBrains TeamCity On-ExploitThe Hacker News
7.3.24Hackers Exploit Misconfigured YARN, Docker, Confluence, Redis Servers for Crypto MiningThreat actors are targeting misconfigured and vulnerable servers running Apache Hadoop YARN, Docker, Atlassian Confluence, and Redis services asExploit

The Hacker News

6.3.24Exploit available for new critical TeamCity auth bypass bug, patch nowA critical vulnerability (CVE-2024-27198) in the TeamCity On-Premises CI/CD solution from JetBrains can let a remote unauthenticated attacker take control of the server with administrative permissions. Exploit

BleepingComputer

5.3.24Critical JetBrains TeamCity On-Premises Flaws Could Lead to Server TakeoversA new pair of security vulnerabilities have been disclosed in JetBrains TeamCity On-Premises software that could be exploited by a threat actor toExploitThe Hacker News
4.3.24How Cybercriminals are Exploiting India's UPI for Money Laundering OperationsCybercriminals are using a network of hired money mules in India using an Android-based application to orchestrate a massive money launderingExploitThe Hacker News
1.3.24Five Eyes Agencies Warn of Active Exploitation of Ivanti Gateway VulnerabilitiesThe Five Eyes (FVEY) intelligence alliance has issued a new cybersecurity advisory warning of cyber threat actors exploiting known security flaws inExploitThe Hacker News
1.3.24Lazarus Hackers Exploited Windows Kernel Flaw as Zero-Day in Recent AttacksThe notorious Lazarus Group actors exploited a recently patched privilege escalation flaw in the Windows Kernel as a zero-day to obtain kernel-levelExploit

The Hacker News

24.2.24ScreenConnect critical bug now under attack as exploit code emergesBoth technical details and proof-of-concept exploits are available for the two vulnerabilities ConnectWise disclosed earlier this week for ScreenConnect, its remote desktop and access software.Exploit

BleepingComputer

23.2.24Over 28,500 Exchange servers vulnerable to actively exploited bugUp to 97,000 Microsoft Exchange servers may be vulnerable to a critical severity privilege escalation flaw tracked as CVE-2024-21410 that hackers are actively exploiting.Exploit

BleepingComputer

23.2.24Hackers exploit critical RCE flaw in Bricks WordPress site builderHackers are actively exploiting a critical remote code execution (RCE) flaw impacting the Brick Builder Theme to run malicious PHP code on vulnerable sites.Exploit

BleepingComputer

18.2.24Over 13,000 Ivanti gateways vulnerable to actively exploited bugsThousands of Ivanti Connect Secure and Policy Secure endpoints remain vulnerable to multiple security issues first disclosed more than a month ago and which the vendor gradually patched.Exploit

BleepingComputer

18.2.24New critical Microsoft Outlook RCE bug is trivial to exploitMicrosoft says remote unauthenticated attackers can trivially exploit a critical Outlook security vulnerability that also lets them bypass the Office Protected View.Exploit

BleepingComputer

17.2.24CISA: Roundcube email server bug now exploited in attacksCISA warns that a Roundcube email server vulnerability patched in September is now actively exploited in cross-site scripting (XSS) attacks.Exploit

BleepingComputer

10.2.24New Fortinet RCE bug is actively exploited, CISA confirmsCISA confirmed today that attackers are actively exploiting a critical remote code execution (RCE) bug patched by Fortinet on Thursday.Exploit

BleepingComputer

10.2.24New Fortinet RCE flaw in SSL VPN likely exploited in attacksFortinet is warning that a new critical remote code execution vulnerability in FortiOS SSL VPN is potentially being exploited in attacks.Exploit

BleepingComputer

10.2.24Raspberry Robin Malware Upgrades with Discord Spread and New ExploitsThe operators of Raspberry Robin are now using two new one-day exploits to achieve local privilege escalation, even as the malware continues to beExploitThe Hacker News
9.2.24Fortinet Warns of Critical FortiOS SSL VPN Flaw Likely Under Active ExploitationFortinet has disclosed a new critical security flaw in FortiOS SSL VPN that it said is likely being exploited in the wild. The vulnerability, CVE-2024-21762ExploitThe Hacker News
8.2.24Critical Patches Released for New Flaws in Cisco, Fortinet, VMware ProductsCisco, Fortinet, and VMware have released security fixes for multiple security vulnerabilities, including critical weaknesses that could be exploitedExploitThe Hacker News
7.2.24Chinese Hackers Exploited FortiGate Flaw to Breach Dutch Military NetworkChinese state-backed hackers broke into a computer network that's used by the Dutch armed forces by targeting Fortinet FortiGate devices. "ThisExploitThe Hacker News
6.2.24Recent SSRF Flaw in Ivanti VPN Products Undergoes Mass ExploitationA recently disclosed server-side request forgery ( SSRF ) vulnerability impacting Ivanti Connect Secure and Policy Secure products has comeExploitThe Hacker News
5.2.24New Mispadu Banking Trojan Exploiting Windows SmartScreen FlawThe threat actors behind the Mispadu banking Trojan have become the latest to exploit a now-patched Windows SmartScreen security bypass flaw toExploitThe Hacker News

2.2.24

Exploits released for critical Jenkins RCE flaw, patch nowMultiple proof-of-concept (PoC) exploits for a critical Jenkins vulnerability allowing unauthenticated attackers to read arbitrary files have been made publicly available, with some researchers reporting attackers actively exploiting the flaws in attacks.Exploit

BleepingComputer

2.2.24

Warning: New Malware Emerges in Attacks Exploiting Ivanti VPN VulnerabilitiesGoogle-owned Mandiant said it identified new malware employed by a China-nexus espionage threat actor known as UNC5221 and other threat groupsExploitThe Hacker News
1.2.24RunC Flaws Enable Container Escapes, Granting Attackers Host AccessMultiple security vulnerabilities have been disclosed in the runC command line tool that could be exploited by threat actors to escape the bounds of theExploitThe Hacker News

1.2.24

Alert: Ivanti Discloses 2 New Zero-Day Flaws, One Under Active ExploitationIvanti is alerting of two new high-severity flaws in its Connect Secure and Policy Secure products, one of which is said to have come under targeted exploitation in the wild. ExploitThe Hacker News

31.1.24

Exploit released for Fortra GoAnywhere MFT auth bypass bugExploit code is now available for a critical authentication bypass vulnerability in Fortra's GoAnywhere MFT (Managed File Transfer) software that allows attackers to create new admin users on unpatched instances via the administration portal.Exploit

BleepingComputer

31.1.24

Hackers start exploiting critical Atlassian Confluence RCE flawSecurity researchers are observing exploitation attempts for the CVE-2023-22527 remote code execution flaw vulnerability that affects outdated versions of Atlassian Confluence servers.Exploit

BleepingComputer

24.1.24

Google Kubernetes Misconfig Lets Any Gmail Account Control Your ClustersCybersecurity researchers have discovered a loophole impacting Google Kubernetes Engine (GKE) that could be potentially exploited by threat actorsExploitThe Hacker News

22.1.24

Apache ActiveMQ Flaw Exploited in New Godzilla Web Shell AttacksCybersecurity researchers are warning of a "notable increase" in threat actor activity actively exploiting a now-patched flaw in Apache ActiveMQ to deliverExploitThe Hacker News

21.1.24

VMware confirms critical vCenter flaw now exploited in attacksVMware has confirmed that a critical vCenter Server remote code execution vulnerability patched in October is now under active exploitation.Exploit

BleepingComputer

20.1.24

CISA: Critical Ivanti auth bypass bug now actively exploitedCISA warns that a critical authentication bypass vulnerability in Ivanti's Endpoint Manager Mobile (EPMM) and MobileIron Core device management software (patched in August 2023) is now under active exploitation.Exploit

BleepingComputer

20.1.24

CISA pushes federal agencies to patch Citrix RCE within a weekToday, CISA ordered U.S. federal agencies to secure their systems against three recently patched Citrix NetScaler and Google Chrome zero-days actively exploited in attacks.Exploit

BleepingComputer

20.1.24

CISA Issues Emergency Directive to Federal Agencies on Ivanti Zero-Day ExploitsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday issued an emergency directive urging Federal Civilian Executive BranchExploitThe Hacker News

19.1.24

Windows SmartScreen flaw exploited to drop Phemedrone malwareA Phemedrone information-stealing malware campaign exploits a Microsoft Defender SmartScreen vulnerability (CVE-2023-36025) to bypass Windows security prompts when opening URL files.Exploit

BleepingComputer

17.1.24

Zero-Day Alert: Update Chrome Now to Fix New Actively Exploited VulnerabilityGoogle on Tuesday released updates to fix four security issues in its Chrome browser, including an actively exploited zero-day flaw. The issue, tracked asExploitThe Hacker News

17.1.24

Alert: Over 178,000 SonicWall Firewalls Potentially Vulnerable to Exploits - Act NowOver 178,000 SonicWall firewalls exposed over the internet are exploitable to at least one of the two security flaws that could be potentially exploited to causeExploitThe Hacker News

13.1.24

CISA: Critical Microsoft SharePoint bug now actively exploitedCISA warns that attackers are now exploiting a critical Microsoft SharePoint privilege escalation vulnerability that can be chained with another critical bug for remote code execution.Exploit

BleepingComputer

13.1.24

Nation-State Actors Weaponize Ivanti VPN Zero-Days, Deploying 5 Malware FamiliesAs many as five different malware families were deployed by suspected nation-state actors as part of post-exploitation activities leveraging two zero-dayExploitThe Hacker News

12.1.24

Act Now: CISA Flags Active Exploitation of Microsoft SharePoint VulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security vulnerability impacting Microsoft SharePoint Server to itsExploitThe Hacker News

12.1.24

New PoC Exploit for Apache OfBiz Vulnerability Poses Risk to ERP SystemsCybersecurity researchers have developed a proof-of-concept (PoC) code that exploits a recently disclosed critical flaw in the Apache OfBiz open-sourceExploitThe Hacker News

11.1.24

Ivanti warns of Connect Secure zero-days exploited in attacksIvanti has disclosed two Connect Secure (ICS) and Policy Secure zero-days exploited in the wild that can let remote attackers execute arbitrary commands on targeted gateways.Exploit

BleepingComputer

11.1.24

CISA warns agencies of fourth flaw used in Triangulation spyware attacksThe U.S. Cybersecurity and Infrastructure Security Agency has added to its to the Known Exploited Vulnerabilities catalog six vulnerabilities that impact products from Adobe, Apache, D-Link, and Joomla.Exploit

BleepingComputer

10.1.24

Turkish Hackers Exploiting Poorly Secured MS SQL Servers Across the GlobePoorly secured Microsoft SQL (MS SQL) servers are being targeted in the U.S., European Union, and Latin American (LATAM) regions as part of an ongoingExploitThe Hacker News

3.1.24

SMTP Smuggling: New Flaw Lets Attackers Bypass Security and Spoof EmailsA new exploitation technique called Simple Mail Transfer Protocol ( SMTP ) smuggling can be weaponized by threat actors to send spoofed emails..ExploitThe Hacker News