Exploit List - 2024 2023 2021 2020 2019 2018
DATE |
NAME |
Info | CATEG. | WEB |
|
12.10.25 |
Hackers exploit auth bypass in Service Finder WordPress theme | Threat actors are actively exploiting a critical vulnerability in the Service Finder WordPress theme that allows them to bypass authentication and log in as administrators. | Exploit | |
|
11.10.25 |
From LFI to RCE: Active Exploitation Detected in Gladinet and TrioFox Vulnerability | Cybersecurity company Huntress said it has observed active in-the-wild exploitation of an unpatched security flaw impacting Gladinet CentreStack and TrioFox products. The zero-day | Exploit | |
|
9.10.25 |
Critical Exploit Lets Hackers Bypass Authentication in WordPress Service Finder Theme | Threat actors are actively exploiting a critical security flaw impacting the Service Finder WordPress theme that makes it possible to gain unauthorized access to any account, including | Exploit | |
|
9.10.25 |
Hackers Exploit WordPress Sites to Power Next-Gen ClickFix Phishing Attacks | Cybersecurity researchers are calling attention to a nefarious campaign targeting WordPress sites to make malicious JavaScript injections that are designed to redirect users to sketchy | Exploit | |
|
7.10.25 |
Zimbra Zero-Day Exploited to Target Brazilian Military via Malicious ICS Files | A now patched security vulnerability in Zimbra Collaboration was exploited as a zero-day earlier this year in cyber attacks targeting the Brazilian military. Tracked as CVE-2025-27915 (CVSS | Exploit | |
| 4.10.25 | Chinese hackers exploiting VMware zero-day since October 2024 | Broadcom has patched a high-severity privilege escalation vulnerability in its VMware Aria Operations and VMware Tools software, which has been exploited in zero-day attacks since October 2024. | Exploit | |
| 3.10.25 | Hackers Exploit Milesight Routers to Send Phishing SMS to European Users | Unknown threat actors are abusing Milesight industrial cellular routers to send SMS messages as part of a smishing campaign targeting users in European countries since at least February | Exploit | The Hacker News |
| 3.10.25 | Urgent: China-Linked Hackers Exploit New VMware Zero-Day Since October 2024 | A newly patched security flaw impacting Broadcom VMware Tools and VMware Aria Operations has been exploited in the wild as a zero-day since mid-October 2024 by a threat actor called | Exploit | The Hacker News |
| 3.10.25 | CISA Sounds Alarm on Critical Sudo Flaw Actively Exploited in Linux and Unix Systems | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting the Sudo command-line utility for Linux and Unix-like operating systems | Exploit | The Hacker News |
| 28.9.25 | Maximum severity GoAnywhere MFT flaw exploited as zero day | Hackers are actively exploiting a maximum severity vulnerability (CVE-2025-10035) in Fortra's GoAnywhere MFT that allows injecting commands remotely without authentication. | Exploit | |
| 28.9.25 | CISA orders agencies to patch Cisco flaws exploited in zero-day attacks | CISA has issued a new emergency directive ordering U.S. federal agencies to secure their Cisco firewall devices against two flaws that have been exploited in zero-day attacks. | Exploit | |
| 28.9.25 | Cisco warns of ASA firewall zero-days exploited in attacks | Cisco warned customers today to patch two zero-day vulnerabilities that are actively being exploited in attacks and impact the company's firewall software. | Exploit | |
| 28.9.25 | Cisco warns of IOS zero-day vulnerability exploited in attacks | Cisco has released security updates to address a high-severity zero-day vulnerability in Cisco IOS and IOS XE Software that is currently being exploited in attacks. | Exploit | |
| 27.9.25 | Libraesva ESG issues emergency fix for bug exploited by state hackers | Libraesva rolled out an emergency update for its Email Security Gateway solution to fix a vulnerability exploited by threat actors believed to be state sponsored. | Exploit | |
| 27.9.25 | CISA says hackers breached federal agency using GeoServer exploit | CISA has revealed that attackers breached the network of an unnamed U.S. federal civilian executive branch (FCEB) agency last year after compromising an unpatched GeoServer instance. | Exploit | |
| 26.9.25 | Fortra GoAnywhere CVSS 10 Flaw Exploited as 0-Day a Week Before Public Disclosure | Cybersecurity company watchTowr Labs has disclosed that it has "credible evidence" of active exploitation of the recently disclosed security flaw in Fortra GoAnywhere Managed File Transfer | Exploit | The Hacker News |
| 26.9.25 | Cisco ASA Firewall Zero-Day Exploits Deploy RayInitiator and LINE VIPER Malware | The U.K. National Cyber Security Centre (NCSC) has revealed that threat actors have exploited the recently disclosed security flaws impacting Cisco firewalls as part of zero-day attacks to | Exploit | The Hacker News |
| 24.9.25 | Hackers Exploit Pandoc CVE-2025-51591 to Target AWS IMDS and Steal EC2 IAM Credentials | Cloud security company Wiz has revealed that it uncovered in-the-wild exploitation of a security flaw in a Linux utility called Pandoc as part of attacks designed to infiltrate Amazon Web | Exploit | The Hacker News |
| 24.9.25 | State-Sponsored Hackers Exploiting Libraesva Email Security Gateway Vulnerability | Libraesva has released a security update to address a vulnerability in its Email Security Gateway (ESG) solution that it said has been exploited by state-sponsored threat actors. The vulnerability, | Exploit | The Hacker News |
| 21.9.25 | CISA exposes malware kits deployed in Ivanti EPMM attacks | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published an analysis of the malware deployed in attacks exploiting vulnerabilities affecting Ivanti Endpoint Manager Mobile (EPMM). | Exploit | |
| 21.9.25 | Google patches sixth Chrome zero-day exploited in attacks this year | Google has released emergency security updates to patch a Chrome zero-day vulnerability, the sixth one tagged as exploited in attacks since the start of the year. | Exploit | |
| 19.9.25 | CISA Warns of Two Malware Strains Exploiting Ivanti EPMM CVE-2025-4427 and CVE-2025-4428 | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday released details of two sets of malware that were discovered in an unnamed organization's network following | Exploit | The Hacker News |
| 18.9.25 | CISA warns of actively exploited Dassault RCE vulnerability | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of hackers exploiting a critical remote code execution flaw in DELMIA Apriso, a manufacturing operations management (MOM) and execution (MES) solution from French company Dassault Systèmes. | Exploit | |
| 18.9.25 | Samsung patches actively exploited zero-day reported by WhatsApp | Samsung has patched a remote code execution vulnerability that was exploited in zero-day attacks targeting its Android devices. | Exploit | |
| 18.9.25 | Google Patches Chrome Zero-Day CVE-2025-10585 as Active V8 Exploit Threatens Millions | Google on Wednesday released security updates for the Chrome web browser to address four vulnerabilities, including one that it said has been exploited in the wild. The zero-day | Exploit | The Hacker News |
| 16.9.25 | SlopAds Fraud Ring Exploits 224 Android Apps to Drive 2.3 Billion Daily Ad Bids | A massive ad fraud and click fraud operation dubbed SlopAds ran a cluster of 224 apps , collectively attracting 38 million downloads across 228 countries and | Exploit | The Hacker News |
| 16.9.25 | Apple Backports Fix for CVE-2025-43300 Exploited in Sophisticated Spyware Attack | Apple on Monday backported fixes for a recently patched security flaw that has been actively exploited in the wild. The vulnerability in question is CVE-2025-43300 | Exploit | The Hacker News |
| 12.9.25 | Critical SAP S/4HANA vulnerability now exploited in attacks | A critical SAP S/4HANA code injection vulnerability is being leveraged in attacks in the wild to breach exposed servers, researchers warn. | Exploit | BleepingComputer |
| 12.9.25 | Critical CVE-2025-5086 in DELMIA Apriso Actively Exploited, CISA Issues Warning | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting Dassault Systèmes DELMIA Apriso | Exploit | The Hacker News |
| 7.9.25 | Hackers exploited Sitecore zero-day flaw to deploy backdoors | Threat actors have been exploiting a zero-day vulnerability in legacy Sitecore deployments to deploy WeepSteel reconnaissance malware. | Exploit | |
| 7.9.25 | New TP-Link zero-day surfaces as CISA warns other flaws are exploited | TP-Link has confirmed the existence of an unpatched zero-day vulnerability impacting multiple router models, as CISA warns that other router flaws have been exploited in attacks. | Exploit | |
| 4.9.25 | CISA Flags TP-Link Router Flaws CVE-2023-50224 and CVE-2025-9377 as Actively Exploited | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws impacting TP-Link wireless routers to its Known Exploited | Exploit | The Hacker News |
| 4.9.25 | Malicious npm Packages Exploit Ethereum Smart Contracts to Target Crypto Developers | Cybersecurity researchers have discovered two new malicious packages on the npm registry that make use of smart contracts for the Ethereum blockchain to carry | Exploit | The Hacker News |
| 4.9.25 | Threat Actors Weaponize HexStrike AI to Exploit Citrix Flaws Within a Week of Disclosure | Threat actors are attempting to leverage a newly released artificial intelligence (AI) offensive security tool called HexStrike AI to exploit recently disclosed security | Exploit | The Hacker News |
| 4.9.25 | CISA Adds TP-Link and WhatsApp Flaws to KEV Catalog Amid Active Exploitation | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a high-severity security flaw impacting TP-Link TL-WA855RE Wi-Fi Ranger Extender | Exploit | The Hacker News |
| 31.8.25 | FreePBX servers hacked via zero-day, emergency fix released | The Sangoma FreePBX Security Team is warning about an actively exploited FreePBX zero-day vulnerability that impacts systems with the Administrator Control Panel (ACP) is exposed to the internet. | Exploit | |
| 30.8.25 | CISA warns of actively exploited Git code execution flaw | The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning of hackers exploiting an arbitrary code execution flaw in the Git distributed version control system. | Exploit | |
| 30.8.25 | Researchers Warn of Sitecore Exploit Chain Linking Cache Poisoning and Remote Code Execution | Three new security vulnerabilities have been disclosed in the Sitecore Experience Platform that could be exploited to achieve information disclosure and remote code | Exploit | The Hacker News |
| 29.8.25 | FreePBX Servers Targeted by Zero-Day Flaw, Emergency Patch Now Available | The Sangoma FreePBX Security Team has issued an advisory warning about an actively exploited FreePBX zero-day vulnerability that impacts systems with an | Exploit | The Hacker News |
| 24.8.25 | GeoServer Exploits, PolarEdge, and Gayfemboy Push Cybercrime Beyond Traditional Botnets | Cybersecurity researchers are calling attention to multiple campaigns that leverage known security vulnerabilities and expose Redis servers to various malicious | Exploit | |
| 23.8.25 | Researcher to release exploit for full auth bypass on FortiWeb | A security researcher has released a partial proof of concept exploit for a vulnerability in the FortiWeb web application firewall that allows a remote attacker to bypass authentication. | Exploit | |
| 22.8.25 | Pre-Auth Exploit Chains Found in Commvault Could Enable Remote Code Execution Attacks | Commvault has released updates to address four security gaps that could be exploited to achieve remote code execution on susceptible instances. The list of | Exploit | The Hacker News |
| 21.8.25 | Apple Patches CVE-2025-43300 Zero-Day in iOS, iPadOS, and macOS Exploited in Targeted Attacks | Apple has released security updates to address a security flaw impacting iOS, iPadOS, and macOS that it said has come under active exploitation in the wild. The | Exploit | The Hacker News |
| 19.8.25 | Microsoft Windows Vulnerability Exploited to Deploy PipeMagic RansomExx Malware | Cybersecurity researchers have lifted the lid on the threat actors' exploitation of a now-patched security flaw in Microsoft Windows to deploy the PipeMagic malware | Exploit | The Hacker News |
| 17.8.25 | Russian Group EncryptHub Exploits MSC EvilTwin Vulnerability to Deploy Fickle Stealer Malware | The threat actor known as EncryptHub is continuing to exploit a now-patched security flaw impacting Microsoft Windows to deliver malicious payloads. | Exploit | The Hacker News |
| 14.8.25 | CISA Adds Two N-able N-central Flaws to Known Exploited Vulnerabilities Catalog | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws impacting N-able N-central to its Known Exploited | Exploit | The Hacker News |
| 12.8.25 | Researchers Spot Surge in Erlang/OTP SSH RCE Exploits, 70% Target OT Firewalls | Malicious actors have been observed exploiting a now-patched critical security flaw impacting Erlang/Open Telecom Platform (OTP) SSH as early as beginning of May | Exploit | The Hacker News |
| 08.08.25 | 6,500 Axis Servers Expose Remoting Protocol; 4,000 in U.S. Vulnerable to Exploits | Cybersecurity researchers have disclosed multiple security flaws in video surveillance products from Axis Communications that, if successfully exploited, | Exploit | The Hacker News |
| 06.08.25 | CISA Adds 3 D-Link Vulnerabilities to KEV Catalog Amid Active Exploitation Evidence | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three old security flaws impacting D-Link Wi-Fi cameras and video recorders to its | Exploit | The Hacker News |
| 25.7.25 | CISA warns of hackers exploiting SysAid vulnerabilities in attacks | CISA has warned that attackers are actively exploiting two security vulnerabilities in the SysAid IT service management (ITSM) software to hijack administrator accounts. | Exploit | |
| 25.7.25 | Cisco: Maximum-severity ISE RCE flaws now exploited in attacks | Cisco is warning that three recently patched critical remote code execution vulnerabilities in Cisco Identity Services Engine (ISE) are now being actively exploited in attacks. | Exploit | |
| 25.7.25 | Microsoft releases emergency patches for SharePoint RCE flaws exploited in attacks | Microsoft releases emergency patches for SharePoint RCE flaws exploited in attacks | Exploit | |
| 25.7.25 | Microsoft SharePoint zero-day exploited in RCE attacks, no patch available | Critical zero-day vulnerabilities in Microsoft SharePoint, tracked as CVE-2025-53770 and CVE-2025-53771, have been actively exploited since at least July 18th, with no patch available and at least 85 servers already compromised worldwide. | Exploit | |
| 25.7.25 | Fire Ant Exploits VMware Flaws to Compromise ESXi Hosts and vCenter Environments | Virtualization and networking infrastructure have been targeted by a threat actor codenamed Fire Ant as part of a prolonged cyber espionage campaign. The activity, | Exploit | The Hacker News |
| 25.7.25 | Storm-2603 Exploits SharePoint Flaws to Deploy Warlock Ransomware on Unpatched Systems | Microsoft has revealed that one of the threat actors behind the active exploitation of SharePoint flaws is deploying Warlock ransomware on targeted systems. The | Exploit | The Hacker News |
| 23.7.25 | Disrupting active exploitation of on-premises SharePoint vulnerabilities | On July 19, 2025, Microsoft Security Response Center (MSRC) published a blog addressing active attacks against on-premises SharePoint servers that exploit CVE-2025-49706, a spoofing vulnerability, and CVE-2025-49704, a remote code execution vulnerability. | Exploit | Microsoft |
| 23.7.25 | SharePoint Zero-Day CVE-2025-53770 Actively Exploited: What Security Teams Need to Know | A critical zero-day vulnerability (CVE-2025-53770 ) in SharePoint on-prem is actively being exploited in the wild. | Exploit | Checkpoint |
| 23.7.25 | CISA Orders Urgent Patching After Chinese Hackers Exploit SharePoint Flaws in Live Attacks | The U.S. Cybersecurity and Infrastructure Security Agency (CISA), on July 22, 2025, added two Microsoft SharePoint flaws, CVE-2025-49704 and CVE-2025-49706, to its | Exploit | The Hacker News |
| 23.7.25 | Microsoft Links Ongoing SharePoint Exploits to Three Chinese Hacker Groups | Microsoft has formally tied the exploitation of security flaws in internet-facing SharePoint Server instances to two Chinese hacking groups called Linen Typhoon | Exploit | The Hacker News |
| 23.7.25 | Cisco Confirms Active Exploits Targeting ISE Flaws Enabling Unauthenticated Root Access | Cisco on Monday updated its advisory of a set of recently disclosed security flaws in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) to acknowledge active exploitation. | Exploit | The Hacker News |
| 23.7.25 | Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access | The recently disclosed critical Microsoft SharePoint vulnerability has been under exploitation as early as July 7, 2025, according to findings from Check Point | Exploit | The Hacker News |
| 22.7.25 | Microsoft Releases Urgent Patch for SharePoint RCE Flaw Exploited in Ongoing Cyber Attacks | Microsoft on Sunday released security patches for an actively exploited security flaw in SharePoint and also disclosed details of another vulnerability that it said has | Exploit | The Hacker News |
| 20.7.25 | Critical Unpatched SharePoint Zero-Day Actively Exploited, Breaches 75+ Global Organizations | A critical security vulnerability in Microsoft SharePoint Server has been weaponized as part of an "active, large-scale" exploitation campaign. The zero-day flaw, tracked | Exploit | The Hacker News |
| 20.7.25 | Hackers Exploit Critical CrushFTP Flaw to Gain Admin Access on Unpatched Servers | A newly disclosed critical security flaw in CrushFTP has come under active exploitation in the wild. Assigned the CVE identifier CVE-2025-54309 , the | Exploit | The Hacker News |
| 20.7.25 | New CrushFTP zero-day exploited in attacks to hijack servers | CrushFTP is warning that threat actors are actively exploiting a zero-day vulnerability tracked as CVE-2025-54309, which allows attackers to gain administrative access via the web interface on vulnerable servers. | Exploit | |
| 20.7.25 | Citrix Bleed 2 exploited weeks before PoCs as Citrix denied attacks | A critical Citrix NetScaler vulnerability, tracked as CVE-2025-5777 and dubbed "CitrixBleed 2," was actively exploited nearly two weeks before proof-of-concept (PoC) exploits were made public, despite Citrix stating that there was no evidence of attacks. | Exploit | |
| 20.7.25 | VMware fixes four ESXi zero-day bugs exploited at Pwn2Own Berlin | VMware fixed four vulnerabilities in VMware ESXi, Workstation, Fusion, and Tools that were exploited as zero-days during the Pwn2Own Berlin 2025 hacking contest in May 2025. | Exploit | |
| 19.7.25 | Ivanti Zero-Days Exploited to Drop MDifyLoader and Launch In-Memory Cobalt Strike Attacks | Cybersecurity researchers have disclosed details of a new malware called MDifyLoader that has been observed in conjunction with cyber attacks exploiting | Exploit | The Hacker News |
| 18.7.25 | Google fixes actively exploited sandbox escape zero day in Chrome | Google has released a security update for Chrome to address half a dozen vulnerabilities, one of them actively exploited by attackers to escape the browser's sandbox protection. | Exploit | |
| 17.7.25 | Urgent: Google Releases Critical Chrome Update for CVE-2025-6558 Exploit Active in the Wild | Google on Tuesday rolled out fixes for six security issues in its Chrome web browser, including one that it said has been exploited in the wild. The high-severity | Exploit | The Hacker News |
| 13.7.25 | Hackers are exploiting critical RCE flaw in Wing FTP Server | Hackers have started to exploit a critical remote code execution vulnerability in Wing FTP Server just one day after technical details on the flaw became public. | Exploit | |
| 13.7.25 | Exploits for pre-auth Fortinet FortiWeb RCE flaw released, patch now | Proof-of-concept exploits have been released for a critical SQLi vulnerability in Fortinet FortiWeb that can be used to achieve pre-authenticated remote code execution on vulnerable servers. | Exploit | |
| 13.7.25 | The zero-day that could've compromised every Cursor and Windsurf user | Learn how one overlooked flaw in OpenVSX discovered by Koi Secureity could've let attackers hijack millions of dev machines via an extension supply chain attack. The zero-day threat's been patched—but the wake-up call is clear: extensions are a new, massive supply chain risk. | Exploit | |
| 13.7.25 | CISA tags Citrix Bleed 2 as exploited, gives agencies a day to patch | The U.S. Cybersecurity & Infrastructure Security Agency has confirmed active exploitation of the CitrixBleed 2 vulnerability (CVE-2025-5777) in Citrix NetScaler ADC and Gateway and is giving federal agencies one day to apply fixes. | Exploit | BleepingComputer |
| 10.7.25 | Gold Melody IAB Exploits Exposed ASP.NET Machine Keys for Unauthorized Access to Targets | The Initial Access Broker (IAB) known as Gold Melody has been attributed to a campaign that exploits leaked ASP.NET machine keys to obtain unauthorized | Exploit | The Hacker News |
| 8.7.25 | CISA Adds Four Critical Vulnerabilities to KEV Catalog Due to Active Exploitation | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added four security flaws to its Known Exploited Vulnerabilities ( KEV ) catalog, citing | Exploit | The Hacker News |
| 3.7.25 | Google fixes fourth actively exploited Chrome zero-day of 2025 | Google has released emergency updates to patch another Chrome zero-day vulnerability exploited in attacks, marking the fourth such flaw fixed since the start of the year. | Exploit | BleepingComputer |
| 1.7.25 | Google Patches Critical Zero-Day Flaw in Chrome's V8 Engine After Active Exploitation | Google has released security updates to address a vulnerability in its Chrome browser for which an exploit exists in the wild. The zero-day vulnerability, tracked as | Exploit | The Hacker News |
| 29.6.25 | Citrix Bleed 2 flaw now believed to be exploited in attacks | A critical NetScaler ADC and Gateway vulnerability dubbed "Citrix Bleed 2" (CVE-2025-5777) is now likely exploited in attacks, according to cybersecurity firm ReliaQuest, seeing an increase in suspicious sessions on Citrix devices. | Exploit | BleepingComputer |
| 28.6.25 | Citrix warns of NetScaler vulnerability exploited in DoS attacks | Citrix is warning that a vulnerability in NetScaler appliances tracked as CVE-2025-6543 is being actively exploited in the wild, causing devices to enter a denial of service condition. | Exploit | |
| 26.6.25 | Cyber Criminals Exploit Open-Source Tools to Compromise Financial Institutions Across Africa | Cybersecurity researchers are calling attention to a series of cyber attacks targeting financial organizations across Africa since at least July 2023 using a mix of open- | Exploit | The Hacker News |
| 25.6.25 | SonicWall NetExtender Trojan and ConnectWise Exploits Used in Remote Access Attacks | Unknown threat actors have been distributing a trojanized version of SonicWall's SSL VPN NetExtender application to steal credentials from unsuspecting users who | Exploit | The Hacker News |
| 23.6.25 | WordPress Motors theme flaw mass-exploited to hijack admin accounts | Hackers are exploiting a critical privilege escalation vulnerability in the WordPress theme "Motors" to hijack administrator accounts and gain complete control of a targeted site. | Exploit | |
| 22.6.25 | CISA warns of attackers exploiting Linux flaw with PoC exploit | CISA has warned U.S. federal agencies about attackers targeting a high-severity vulnerability in the Linux kernel's OverlayFS subsystem that allows them to gain root privileges. | Exploit | |
| 21.6.25 | Sitecore CMS exploit chain starts with hardcoded 'b' password | A chain of Sitecore Experience Platform (XP) vulnerabilities allows attackers to perform remote code execution (RCE) without authentication to breach and hijack servers. | Exploit | BleepingComputer |
| 18.6.25 | CISA Warns of Active Exploitation of Linux Kernel Privilege Escalation Vulnerability | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday placed a security flaw impacting the Linux kernel in its Known Exploited Vulnerabilities ( KEV ) catalog, stating it has been actively exploited in the wild. | Exploit | The Hacker News |
| 18.6.25 | Google Chrome Zero-Day CVE-2025-2783 Exploited by TaxOff to Deploy Trinper Backdoor | A now-patched security flaw in Google Chrome was exploited as a zero-day by a threat actor known as TaxOff to deploy a backdoor codenamed Trinper . The attack, | Exploit | The Hacker News |
| 14.6.25 | Over 84,000 Roundcube instances vulnerable to actively exploited flaw | Over 84,000 instances of the Roundcube webmail software are vulnerable to CVE-2025-49113, a critical remote code execution (RCE) vulnerability with a publicly available exploit. | Exploit | BleepingComputer |
| 13.6.25 | Apple Zero-Click Flaw in Messages Exploited to Spy on Journalists Using Paragon Spyware | Apple has disclosed that a now-patched security flaw present in its Messages app was actively exploited in the wild to target civil society members in sophisticated | Exploit | The Hacker News |
| 10.6.25 | CISA Adds Erlang SSH and Roundcube Flaws to Known Exploited Vulnerabilities Catalog | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added two critical security flaws impacting Erlang/Open Telecom Platform (OTP) SSH and | Exploit | The Hacker News |
| 8.6.25 | Critical Fortinet flaws now exploited in Qilin ransomware attacks | The Qilin ransomware operation has recently joined attacks exploiting two Fortinet vulnerabilities that allow bypassing authentication on vulnerable devices and executing malicious code remotely. | Exploit | BleepingComputer |
| 8.6.25 | Hacker selling critical Roundcube webmail exploit as tech info disclosed | Hackers are actively exploiting CVE-2025-49113, a critical vulnerability in the widely used Roundcube open-source webmail application that allows remote execution. | Exploit | BleepingComputer |
| 7.6.25 | Cisco warns of ISE and CCP flaws with public exploit code | Cisco has released patches to address three vulnerabilities with public exploit code in its Identity Services Engine (ISE) and Customer Collaboration Platform (CCP) solutions. | Exploit | BleepingComputer |
| 6.6.25 | CISA warns of ConnectWise ScreenConnect bug exploited in attacks | CISA is alerting federal agencies in the U.S. of hackers exploiting a recently patched ScreenConnect vulnerability that could lead to executing remote code on the server. | Exploit | BleepingComputer |
| 6.6.25 | Qualcomm fixes three Adreno GPU zero-days exploited in attacks | Qualcomm has released security patches for three zero-day vulnerabilities in the Adreno Graphics Processing Unit (GPU) driver that impact dozens of chipsets and are actively exploited in targeted attacks. | Exploit | BleepingComputer |
| 6.6.25 | Exploit details for max severity Cisco IOS XE flaw now public | Technical details about a maximum-severity Cisco IOS XE WLC arbitrary file upload flaw tracked as CVE-2025-20188 have been made publicly available, bringing us closer to a working exploit. | Exploit | BleepingComputer |
| 6.6.25 | Hackers are exploiting critical flaw in vBulletin forum software | Two critical vulnerabilities affecting the open-source forum software vBulletin have been discovered, with one confirmed to be actively exploited in the wild. | Exploit | BleepingComputer |
| 6.6.25 | Two Distinct Botnets Exploit Wazuh Server Vulnerability to Launch Mirai-Based Attacks | A now-patched critical security flaw in the Wazuh Server is being exploited by threat actors to drop two different Mirai botnet variants and use them to conduct | Exploit | The Hacker News |
| 3.6.25 | New Chrome Zero-Day Actively Exploited; Google Issues Emergency Out-of-Band Patch | Google on Monday released out-of-band fixes to address three security issues in its Chrome browser, including one that it said has come under active exploitation in the | Exploit | The Hacker News |
| 30.5.24 | China-Linked Hackers Exploit SAP and SQL Server Flaws in Attacks Across Asia and Brazil | The China-linked threat actor behind the recent in-the-wild exploitation of a critical security flaw in SAP NetWeaver has been attributed to a broader set of attacks | Exploit | The Hacker News |
| 28.5.24 | Mimo Hackers Exploit CVE-2025-32432 in Craft CMS to Deploy Cryptominer and Proxyware | A financially motivated threat actor has been observed exploiting a recently disclosed remote code execution flaw affecting the Craft Content Management | Exploit | The Hacker News |
| 28.5.24 | 251 Amazon-Hosted IPs Used in Exploit Scan Targeting ColdFusion, Struts, and Elasticsearch | Cybersecurity researchers have disclosed details of a coordinated cloud-based scanning activity that targeted 75 distinct "exposure points" earlier this month. The | Exploit | The Hacker News |
| 25.5.24 | Ivanti EPMM flaw exploited by Chinese hackers to breach govt agencies | Chinese hackers have been exploiting a remote code execution flaw in Ivanti Endpoint Manager Mobile (EPMM) to breach high-profile organizations worldwide. | Exploit | |
| 23.5.24 | Mozilla fixes Firefox zero-days exploited at hacking contest | Mozilla released emergency security updates to address two Firefox zero-day vulnerabilities demonstrated in the recent Pwn2Own Berlin 2025 hacking competition. | Exploit | |
| 23.5.24 | CISA Warns of Suspected Broader SaaS Attacks Exploiting App Secrets and Cloud Misconfigs | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday revealed that Commvault is monitoring cyber threat activity targeting applications | Exploit | The Hacker News |
| 22.5.24 | Chinese Hackers Exploit Trimble Cityworks Flaw to Infiltrate U.S. Government Networks | A Chinese-speaking threat actor tracked as UAT-6382 has been linked to the exploitation of a now-patched remote-code-execution vulnerability in Trimble | Exploit | The Hacker News |
| 22.5.24 | China-Nexus Threat Actor Actively Exploiting Ivanti Endpoint Manager Mobile (CVE-2025-4428) Vulnerability | On Thursday, May 15, 2025, Ivanti disclosed two critical vulnerabilities - CVE-2025-4427 and CVE-2025-4428 - affecting Ivanti Endpoint Manager Mobile (EPMM) version 12.5.0.0 and earlier. [1] These vulnerabilities can be chained to achieve unauthenticated remote code execution (RCE) on exposed systems. | Exploit | EclectiIQ |
| 22.5.24 | Chinese Hackers Exploit Ivanti EPMM Bugs in Global Enterprise Network Attacks | A recently patched pair of security flaws affecting Ivanti Endpoint Manager Mobile (EPMM) software has been exploited by a China-nexus threat actor to target a wide | Exploit | The Hacker News |
| 20.5.24 | Hazy Hawk Exploits DNS Records to Hijack CDC, Corporate Domains for Malware Delivery | A threat actor known as Hazy Hawk has been observed hijacking abandoned cloud resources of high-profile organizations, including Amazon S3 buckets and Microsoft | Exploit | The Hacker News |
| 20.5.24 | AWS Default IAM Roles Found to Enable Lateral Movement and Cross-Service Exploitation | Cybersecurity researchers have discovered risky default identity and access management (IAM) roles impacting Amazon Web Services that could open the door | Exploit | The Hacker News |
| 20.5.24 | Malicious PyPI Packages Exploit Instagram and TikTok APIs to Validate User Accounts | Cybersecurity researchers have uncovered malicious packages uploaded to the Python Package Index (PyPI) repository that act as checker tools to validate stolen | Exploit | |
| 20.5.24 | Firefox Patches 2 Zero-Days Exploited at Pwn2Own Berlin with $100K in Rewards | Mozilla has released security updates to address two critical security flaws in its Firefox browser that could be potentially exploited to access sensitive data or | Exploit | The Hacker News |
| 18.5.24 | CISA tags recently patched Chrome bug as actively exploited | On Thursday, CISA warned U.S. federal agencies to secure their systems against ongoing attacks exploiting a high-severity vulnerability in the Chrome web browser. | Exploit | |
| 18.5.24 | Google fixes high severity Chrome flaw with public exploit | Google has released emergency security updates to patch a high-severity Chrome vulnerability that has a public exploit and can let attackers hijack accounts. | Exploit | BleepingComputer |
| 17.5.24 | Ivanti fixes EPMM zero-days chained in code execution attacks | Ivanti warned customers today to patch their Ivanti Endpoint Manager Mobile (EPMM) software against two security vulnerabilities chained in attacks to gain remote code execution. | Exploit | |
| 16.5.24 | Output Messenger flaw exploited as zero-day in espionage attacks | A Türkiye-backed cyberespionage group exploited a zero-day vulnerability to attack Output Messenger users linked to the Kurdish military in Iraq. | Exploit | BleepingComputer |
| 15.5.24 | New Chrome Vulnerability Enables Cross-Origin Data Leak via Loader Referrer Policy | Google on Wednesday released updates to address four security issues in its Chrome web browser, including one for which it said there exists an exploit in the | Exploit | The Hacker News |
| 11.5.24 | SonicWall urges admins to patch VPN flaw exploited in attacks | SonicWall has urged its customers to patch three security vulnerabilities affecting its Secure Mobile Access (SMA) appliances, one of them tagged as exploited in attacks | Exploit | BleepingComputer |
| 11.5.24 | Hackers exploit OttoKit WordPress plugin flaw to add admin accounts | Hackers are exploiting a critical unauthenticated privilege escalation vulnerability in the OttoKit WordPress plugin to create rogue admin accounts on targeted sites. | Exploit | BleepingComputer |
| 11.5.24 | Play ransomware exploited Windows logging flaw in zero-day attacks | The Play ransomware gang has exploited a high-severity Windows Common Log File System flaw in zero-day attacks to gain SYSTEM privileges and deploy malware on compromised systems. | Exploit | BleepingComputer |
| 11.5.24 | Samsung MagicINFO 9 Server RCE flaw now exploited in attacks | Hackers are exploiting an unauthenticated remote code execution (RCE) vulnerability in the Samsung MagicINFO 9 Server to hijack devices and deploy malware. | Exploit | |
| 9.5.24 | 38,000+ FreeDrain Subdomains Found Exploiting SEO to Steal Crypto Wallet Seed Phrases | Cybersecurity researchers have exposed what they say is an "industrial-scale, global cryptocurrency phishing operation" engineered to steal digital assets from | Exploit | The Hacker News |
| 7.5.24 | OttoKit WordPress Plugin with 100K+ Installs Hit by Exploits Targeting Multiple Flaws | A second security flaw impacting the OttoKit (formerly SureTriggers ) WordPress plugin has come under active exploitation in the wild. The vulnerability, tracked as | Exploit | The Hacker News |
| 7.5.24 | Hackers Exploit Samsung MagicINFO, GeoVision IoT Flaws to Deploy Mirai Botnet | Threat actors have been observed actively exploiting security flaws in GeoVision end-of-life (EoL) Internet of Things (IoT) devices to corral them into a Mirai botnet | Exploit | The Hacker News |
| 6.5.24 | Critical Langflow Flaw Added to CISA KEV List Amid Ongoing Exploitation Evidence | A recently disclosed critical security flaw impacting the open-source Langflow platform has been added to the Known Exploited Vulnerabilities ( KEV ) catalog by | Exploit | The Hacker News |
| 3.5.24 | SonicWall warns of more VPN flaws exploited in attacks | Cybersecurity company SonicWall has warned customers that two older vulnerabilities impacting its Secure Mobile Access (SMA) appliances are now being actively exploited in attacks. | Exploit | |
| 2.5.24 | CISA tags Broadcom Fabric OS, CommVault flaws as exploited in attacks | The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning of Broadcom Brocade Fabric OS, Commvault web servers, and Qualitia Active! Mail clients vulnerabilities that are actively exploited in attacks. | Exploit | |
| 2.5.24 | Google: 97 zero-days exploited in 2024, over 50% in spyware attacks | Google's Threat Intelligence Group (GTIG) says attackers exploited 75 zero-day vulnerabilities in the wild last year, over 50% of which were linked to spyware attacks. | Exploit | BleepingComputer |
| 1.5.24 | SonicWall Confirms Active Exploitation of Flaws Affecting Multiple Appliance Models | SonicWall has revealed that two now-patched security flaws impacting its SMA100 Secure Mobile Access (SMA) appliances have been exploited in the wild. The | Exploit | The Hacker News |
| 30.4.25 | Over 1,200 SAP NetWeaver servers vulnerable to actively exploited flaw | Over 1,200 internet-exposed SAP NetWeaver instances are vulnerable to an actively exploited maximum severity unauthenticated file upload vulnerability that allows attackers to hijack servers. | Exploit | BleepingComputer |
| 28.4.25 | Google Reports 75 Zero-Days Exploited in 2024 — 44% Targeted Enterprise Security Products | Google has revealed that it observed 75 zero-day vulnerabilities exploited in the wild in 2024, down from 98 in 2023. Of the 75 zero-days, 44% of them targeted | Exploit | The Hacker News |
| 28.4.25 | Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised | Threat actors have been observed exploiting two newly disclosed critical security flaws in Craft CMS in zero-day attacks to breach servers and gain unauthorized | Exploit | The Hacker News |
| 27.4.25 | Craft CMS RCE exploit chain used in zero-day attacks to steal data | Craft CMS RCE exploit chain used in zero-day attacks to steal data | Exploit | |
| 25.4.25 | Active! Mail RCE flaw exploited in attacks on Japanese orgs | An Active! Mail zero-day remote code execution vulnerability is actively exploited in attacks on large organizations in Japan. | Exploit | |
| 25.4.25 | New Critical SAP NetWeaver Flaw Exploited to Drop Web Shell, Brute Ratel Framework | Threat actors are likely exploiting a new vulnerability in SAP NetWeaver to upload JSP web shells with the goal of facilitating unauthorized file uploads and code | Exploit | The Hacker News |
| 23.4.25 | Russian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsApp | Multiple suspected Russia-linked threat actors are "aggressively" targeting individuals and organizations with ties to Ukraine and human rights with an aim to | Exploit | The Hacker News |
| 23.4.25 | Docker Malware Exploits Teneo Web3 Node to Earn Crypto via Fake Heartbeat Signals | Cybersecurity researchers have detailed a malware campaign that's targeting Docker environments with a previously undocumented technique to mine | Exploit | The Hacker News |
| 22.4.25 | Phishers Exploit Google Sites and DKIM Replay to Send Signed Emails, Steal Credentials | In what has been described as an "extremely sophisticated phishing attack," threat actors have leveraged an uncommon approach that allowed bogus emails to be | Exploit | The Hacker News |
| 21.4.25 | Critical Erlang/OTP SSH RCE bug now has public exploits, patch now | Public exploits are now available for a critical Erlang/OTP SSH vulnerability tracked as CVE-2025-32433, allowing unauthenticated attackers to remotely execute code on impacted devices. | Exploit | |
| 21.4.25 | Critical Erlang/OTP SSH pre-auth RCE is 'Surprisingly Easy' to exploit, patch now | A critical vulnerability in the Erlang/OTP SSH, tracked as CVE-2025-32433, has been disclosed that allows for unauthenticated remote code execution on vulnerable devices. | Exploit | |
| 20.4.25 | CISA tags SonicWall VPN flaw as actively exploited in attacks | On Wednesday, CISA warned federal agencies to secure their SonicWall Secure Mobile Access (SMA) 100 series appliances against attacks exploiting a high-severity remote code execution vulnerability. | Exploit | |
| 17.4.25 | CISA Flags Actively Exploited Vulnerability in SonicWall SMA Devices | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting SonicWall Secure Mobile Access ( SMA ) 100 | Exploit | The Hacker News |
| 17.4.25 | Apple Patches Two Actively Exploited iOS Flaws Used in Sophisticated Targeted Attacks | Apple on Wednesday released security updates for iOS, iPadOS, macOS Sequoia, tvOS, and visionOS to address two security flaws that it said have come under | Exploit | The Hacker News |
| 15.4.25 | Gladinet's Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability | A recently disclosed security flaw in Gladinet CentreStack also impacts its Triofox remote access and collaboration solution, according to Huntress, with seven | Exploit | The Hacker News |
| 13.4.25 | Hackers exploit WordPress plugin auth bypass hours after disclosure | Hackers started exploiting a high-severity flaw that allows bypassing authentication in the OttoKit (formerly SureTriggers) plugin for WordPress just hours after public disclosure. | Exploit | |
| 12.4.25 | CentreStack RCE exploited as zero-day to breach file sharing servers | Hackers exploited a vulnerability in Gladinet CentreStack's secure file-sharing software as a zero-day since March to breach storage servers | Exploit | |
| 12.4.25 | Fortinet Warns Attackers Retain FortiGate Access Post-Patching via SSL-VPN Symlink Exploit | Fortinet has revealed that threat actors have found a way to maintain read-only access to vulnerable FortiGate devices even after the initial access vector used to | Exploit | The Hacker News |
| 11.4.25 | OttoKit WordPress Plugin Admin Creation Vulnerability Under Active Exploitation | A newly disclosed high-severity security flaw impacting OttoKit (formerly SureTriggers) has come under active exploitation within a few hours of public | Exploit | The Hacker News |
| 9.4.25 | PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware | Microsoft has revealed that a now-patched security flaw impacting the Windows Common Log File System (CLFS) was exploited as a zero-day in ransomware | Exploit | The Hacker News |
| 3.4.25 | Legacy Stripe API Exploited to Validate Stolen Payment Cards in Web Skimmer Campaign | Threat hunters are warning of a sophisticated web skimmer campaign that leverages a legacy application programming interface (API) from payment | Exploit | |
|
31.3.25 |
Hackers Exploit WordPress mu-Plugins to Inject Spam and Hijack Site Images | Threat actors are using the "mu-plugins" directory in WordPress sites to conceal malicious code with the goal of maintaining persistent remote access and | Exploit | |
|
30.3.25 |
New Ubuntu Linux security bypasses require manual mitigations | Three security bypasses have been discovered in Ubuntu Linux's unprivileged user namespace restrictions, which could be enable a local attacker to exploit vulnerabilities in kernel components. | Exploit | |
|
28.3.25 |
EncryptHub linked to MMC zero-day attacks on Windows systems | A threat actor known as EncryptHub has been linked to Windows zero-day attacks exploiting a Microsoft Management Console vulnerability patched this month. | Exploit | |
|
26.3.25 |
EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware | The threat actor known as EncryptHub exploited a recently-patched security vulnerability in Microsoft Windows as a zero-day to deliver a wide range of | Exploit | The Hacker News |
|
26.3.25 |
Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks | Google has released out-of-band fixes to address a high-severity security flaw in its Chrome browser for Windows that has been exploited in the wild as part of | Exploit | The Hacker News |
|
23.3.25 |
Critical Cisco Smart Licensing Utility flaws now exploited in attacks | Attackers have started targeting Cisco Smart Licensing Utility (CSLU) instances unpatched against a vulnerability exposing a built-in backdoor admin account. | Exploit | |
|
22.3.25 |
New Windows zero-day exploited by 11 state hacking groups since 2017 | At least 11 state-backed hacking groups from North Korea, Iran, Russia, and China have been exploiting a new Windows vulnerability in data theft and cyber espionage zero-day attacks since 2017 | Exploit | |
|
21.3.25 |
Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility | Two now-patched security flaws impacting Cisco Smart Licensing Utility are seeing active exploitation attempts, according to SANS Internet Storm Center . The | Exploit | The Hacker News |
|
20.3.25 |
Critical RCE flaw in Apache Tomcat actively exploited in attacks | A critical remote code execution (RCE) vulnerability in Apache Tomcat tracked as CVE-2025-24813 is actively exploited in the wild, enabling attackers to take over servers with a simple PUT request. | Exploit | |
|
19.3.25 |
New Ad Fraud Campaign Exploits 331 Apps with 60M+ Downloads for Phishing and Intrusive Ads | Cybersecurity researchers have warned about a large-scale ad fraud campaign that has leveraged hundreds of malicious apps published on the Google Play Store | Exploit | |
|
18.3.25 |
Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public Disclosure | A recently disclosed security flaw impacting Apache Tomcat has come under active exploitation in the wild following the release of a public proof-of-concept | Exploit | The Hacker News |
|
17.3.25 |
Cybercriminals Exploit CSS to Evade Spam Filters and Track Email Users' Actions | Malicious actors are exploiting Cascading Style Sheets (CSS), which are used to style and format the layout of web pages, to bypass spam filters and track users' | Exploit | The Hacker News |
| 13.3.25 | Meta Warns of FreeType Vulnerability (CVE-2025-27363) With Active Exploitation Risk | Meta has warned that a security vulnerability impacting the FreeType open-source font rendering library may have been exploited in the wild. The vulnerability has | Exploit | The Hacker News |
| 8.3.25 | Cisco warns of Webex for BroadWorks flaw exposing credentials | Cisco warned customers today of a vulnerability in Webex for BroadWorks that could let unauthenticated attackers access credentials remotely. | Exploit | BleepingComputer |
| 8.3.25 | CISA tags Windows, Cisco vulnerabilities as actively exploited | CISA has warned US federal agencies to secure their systems against attacks exploiting vulnerabilities in Cisco and Windows systems. | Exploit | BleepingComputer |
| 4.3.25 | Cisco, Hitachi, Microsoft, and Progress Flaws Actively Exploited—CISA Sounds Alarm | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws impacting software from Cisco, Hitachi Vantara, | Exploit | The Hacker News |
| 4.3.25 | Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks | Threat actors have been exploiting a security vulnerability in Paragon Partition Manager's BioNTdrv.sys driver in ransomware attacks to escalate privileges and | Exploit | The Hacker News |
| 1.3.25 | Amnesty Finds Cellebrite's Zero-Day Used to Unlock Serbian Activist's Android Phone | A 23-year-old Serbian youth activist had their Android phone targeted by a zero-day exploit developed by Cellebrite to unlock the device, according to a new report from Amnesty International. "The Android phone of one student protester was | Exploit | The Hacker News |
| 27.2.25 | Bybit Hack Traced to Safe{Wallet} Supply Chain Attack Exploited by North Korean Hackers | The U.S. Federal Bureau of Investigation (FBI) formally linked the record-breaking $1.5 billion Bybit hack to North Korean threat actors, as the company's CEO Ben | Exploit | The Hacker News |
| 27.2.25 | Hackers Exploited Krpano Framework Flaw to Inject Spam Ads on 350+ Websites | A cross-site scripting (XSS) vulnerability in a virtual tour framework has been weaponized by malicious actors to inject malicious scripts across hundreds of | Exploit | The Hacker News |
| 26.2.25 | CISA Adds Microsoft and Zimbra Flaws to KEV Catalog Amid Active Exploitation | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday placed two security flaws impacting Microsoft Partner Center and Synacor Zimbra | Exploit | The Hacker News |
| 25.2.25 | Two Actively Exploited Security Flaws in Adobe and Oracle Products Flagged by CISA | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two security flaws impacting Adobe ColdFusion and Oracle Agile Product Lifecycle | Exploit | The Hacker News |
| 22.2.25 | Hackers Exploit Signal's Linked Devices Feature to Hijack Accounts via Malicious QR Codes | Multiple Russia-aligned threat actors have been observed targeting individuals of interest via the privacy-focused messaging app Signal to gain unauthorized | Exploit | The Hacker News |
|
14.1.25 | Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners | A recently disclosed critical security flaw impacting the Aviatrix Controller cloud networking platform has come under active exploitation in the wild to deploy | Exploit | The Hacker News |
|
3.1.25 | LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers | A proof-of-concept (PoC) exploit has been released for a now-patched security flaw impacting Windows Lightweight Directory Access Protocol (LDAP) that could | Exploit | |
|
31.12.24 | Misconfigured Kubernetes RBAC in Azure Airflow Could Expose Entire Cluster to Exploitation | Cybersecurity researchers have uncovered three security weaknesses in Microsoft's Azure Data Factory Apache Airflow integration that, if successfully exploited, could have allowed an attacker to gain the ability to conduct various | Exploit | |
| 21.12.24 | CISA Adds Critical Flaw in BeyondTrust Software to Exploited Vulnerabilities List | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting BeyondTrust Privileged Remote Access | Exploit | |
| 18.12.24 | Patch Alert: Critical Apache Struts Flaw Found, Exploitation Attempts Detected | Threat actors are attempting to exploit a recently disclosed security flaw impacting Apache Struts that could pave the way for remote code execution. The | Exploit | |
|
27.10.24 |
CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094) | A high-severity flaw impacting Microsoft SharePoint has been added to the Known Exploited Vulnerabilities ( KEV ) catalog by the U.S. | Exploit | |
|
27.10.24 |
Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials |
Unknown threat actors have been observed attempting to exploit a now-patched security flaw in the open-source Roundcube webmail | ||
| 26.10.24 | CISA Warns of Active Exploitation in SolarWinds Help Desk Software Vulnerability | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting SolarWinds Web | Exploit | The Hacker News |
25.9.24 |
Cybersecurity Researchers Warn of New Rust-Based Splinter Post-Exploitation Tool | Cybersecurity researchers have flagged the discovery of a new post-exploitation red team tool called Splinter in the wild. Palo Alto | Exploit | The Hacker News |
21.9.24 |
Ivanti warns of another critical CSA flaw exploited in attacks | Today, Ivanti warned that threat actors are exploiting another Cloud Services Appliance (CSA) security flaw in attacks targeting a limited number of customers. | Exploit | |
20.9.24 |
Exploit code released for critical Ivanti RCE flaw, patch now | A proof-of-concept (PoC) exploit for CVE-2024-29847, a critical remote code execution (RCE) vulnerability in Ivanti Endpoint Manager, is now publicly released, making it crucial to update devices. | Exploit | |
15.9.24 |
Ivanti warns high severity CSA flaw is now exploited in attacks | Ivanti confirmed on Friday that a high severity vulnerability in its Cloud Services Appliance (CSA) solution is now actively exploited in attacks. | Exploit | |
15.9.24 |
Hackers targeting WhatsUp Gold with public exploit since August | Hackers have been leveraging publicly available exploit code for two critical vulnerabilities in the WhatsUp Gold network availability and performance monitoring solution from Progress Software. | Exploit | |
13.9.24 |
Apple Vision Pro Vulnerability Exposed Virtual Keyboard Inputs to Attackers | Details have emerged about a now-patched security flaw impacting Apple's Vision Pro mixed reality headset that, if successfully | Exploit | The Hacker News |
13.9.24 |
Progress WhatsUp Gold Exploited Just Hours After PoC Release for Critical Flaw | Malicious actors are likely leveraging publicly available proof-of-concept (PoC) exploits for recently disclosed security flaws in | Exploit | The Hacker News |
8.9.24 |
Cisco fixes root escalation vulnerability with public exploit code | Cisco has fixed a command injection vulnerability in the Identity Services Engine (ISE) with public exploit code that lets attackers escalate privileges to root on vulnerable systems. | Exploit | |
4.9.24 |
Google Confirms CVE-2024-32896 Exploited in the Wild, Releases Android Security Patch | Google has released its monthly security updates for the Android operating system to address a known security flaw that it said has | Exploit | The Hacker News |
4.9.24 |
Hacktivists Exploits WinRAR Vulnerability in Attacks Against Russia and Belarus | A hacktivist group known as Head Mare has been linked to cyber attacks that exclusively target organizations located in Russia and | Exploit | The Hacker News |
4.9.24 |
New Flaws in Microsoft macOS Apps Could Allow Hackers to Gain Unrestricted Access | Eight vulnerabilities have been uncovered in Microsoft applications for macOS that an adversary could exploit to gain elevated privileges | Exploit | The Hacker News |
1.9.24 |
North Korean hackers exploit Chrome zero-day to deploy rootkit | North Korean hackers have exploited a recently patched Google Chrome zero-day (CVE-2024-7971) to deploy the FudModule rootkit after gaining SYSTEM privileges using a Windows Kernel exploit. | Exploit | |
30.8.24 |
Russian Hackers Exploit Safari and Chrome Flaws in High-Profile Cyberattack | Cybersecurity researchers have flagged multiple in-the-wild exploit campaigns that leveraged now-patched flaws in Apple Safari and | Exploit | The Hacker News |
27.8.24 |
Google tags a tenth Chrome zero-day as exploited this year | Today, Google revealed that it patched the tenth zero-day exploited in the wild in 2024 by attackers or security researchers during hacking contests. | Exploit | |
27.8.24 |
Versa fixes Director zero-day vulnerability exploited in attacks | Versa Networks has fixed a zero-day vulnerability exploited in the wild that allows attackers to upload malicious files by exploiting an unrestricted file upload flaw in the Versa Director GUI. | Exploit | |
25.8.24 |
Hackers are exploiting critical bug in LiteSpeed Cache plugin | Hackers have already started to exploit the critical severity vulnerability that affects LiteSpeed Cache, a WordPress plugin used for accelerating response times, a day after technical details become public. | Exploit | |
23.8.24 |
Hackers use PHP exploit to backdoor Windows systems with new malware | Unknown attackers have deployed a newly discovered backdoor dubbed Msupedge on a university's Windows systems in Taiwan, likely by exploiting a recently patched PHP remote code execution vulnerability (CVE-2024-4577). | Exploit | |
23.8.24 |
Windows driver zero-day exploited by Lazarus hackers to install rootkit | The notorious North Korean Lazarus hacking group exploited a zero-day flaw in the Windows AFD.sys driver to elevate privileges and install the FUDModule rootkit on targeted systems. | Exploit | |
23.8.24 |
CISA warns of Jenkins RCE bug exploited in ransomware attacks | CISA has added a critical Jenkins vulnerability that can be exploited to gain remote code execution to its catalog of security bugs, warning that it's actively exploited in attacks. | Exploit | |
23.8.24 |
Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control | Details have emerged about a China-nexus threat group's exploitation of a recently disclosed, now-patched security flaw in | Exploit | The Hacker News |
21.8.24 |
Hackers Exploit PHP Vulnerability to Deploy Stealthy Msupedge Backdoor | A previously undocumented backdoor named Msupedge has been put to use against a cyber attack targeting an unnamed university in | Exploit | The Hacker News |
20.8.24 |
Thousands of Oracle NetSuite Sites at Risk of Exposing Customer Information | Cybersecurity researchers are warning about the discovery of thousands of externally-facing Oracle NetSuite e-commerce sites | Exploit | The Hacker News |
20.8.24 |
Cybercriminals Exploit Popular Software Searches to Spread FakeBat Malware | Cybersecurity researchers have uncovered a surge in malware infections stemming from malvertising campaigns distributing a | Exploit | The Hacker News |
17.8.24 |
Ivanti warns of critical vTM auth bypass with public exploit | Today, Ivanti urged customers to patch a critical authentication bypass vulnerability impacting Virtual Traffic Manager (vTM) appliances that can let attackers create rogue administrator accounts. | Exploit | |
17.8.24 |
Attackers Exploit Public .env Files to Breach Cloud Accounts in Extortion Campaign | A large-scale extortion campaign has compromised various organizations by taking advantage of publicly accessible | Exploit | The Hacker News |
11.8.24 |
CISA warns about actively exploited Apache OFBiz RCE flaw | The U.S. Cybersecurity & Infrastructure Security Agency is warning of two vulnerabilities exploited in attacks, including a path traversal impacting Apache OFBiz. | Exploit | |
11.8.24 |
Exploit released for Cisco SSM bug allowing admin password changes | Cisco warns that exploit code is now available for a maximum severity vulnerability that lets attackers change any user password on unpatched Cisco Smart Software Manager On-Prem (Cisco SSM On-Prem) license servers. | Exploit | |
11.8.24 |
18-year-old security flaw in Firefox and Chrome exploited in attacks | A vulnerability disclosed 18 years ago, dubbed "0.0.0.0 Day", allows malicious websites to bypass security in Google Chrome, Mozilla Firefox, and Apple Safari and interact with services on a local network. | Exploit | |
11.8.24 |
SEC ends probe into MOVEit attacks impacting 95 million people | The SEC concludes its investigation into Progress Software's handling of the widespread exploitation of a MOVEit Transfer zero-day flaw that exposed data of over 95 million people. | Exploit | |
9.8.24 |
Google fixes Android kernel zero-day exploited in targeted attacks | Android security updates this month patch 46 vulnerabilities, including a high-severity remote code execution (RCE) exploited in targeted attacks. | Exploit | |
9.8.24 |
Windows Smart App Control, SmartScreen bypass exploited since 2018 | A design flaw in Windows Smart App Control and SmartScreen that enables attackers to launch programs without triggering security warnings has been under exploitation since at least 2018. | Exploit | |
9.8.24 |
CISA Warns of Hackers Exploiting Legacy Cisco Smart Install Feature | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has disclosed that threat actors are abusing the legacy Cisco Smart | Exploit | The Hacker News |
7.8.24 |
New Linux Kernel Exploit Technique 'SLUBStick' Discovered by Researchers | Cybersecurity researchers have shed light on a novel Linux kernel exploitation technique dubbed SLUBStick that could be exploited to | Exploit | The Hacker News |
4.8.24 |
Hackers Exploit Misconfigured Jupyter Notebooks with Repurposed Minecraft DDoS Tool | Cybersecurity researchers have disclosed details of a new distributed denial-of-service (DDoS) attack campaign targeting misconfigured | Exploit | The Hacker News |
3.8.24 |
New Specula tool uses Outlook for remote code execution in Windows | Microsoft Outlook can be turned into a C2 beacon to remotely execute code, as demonstrated by a new red team post-exploitation framework named "Specula," released today by cybersecurity firm TrustedSec. | Exploit | |
29.7.24 |
Proofpoint Email Routing Flaw Exploited to Send Millions of Spoofed Phishing Emails | An unknown threat actor has been linked to a massive scam campaign that exploited an email routing misconfiguration in email | Exploit | The Hacker News |
25.7.24 |
Microsoft Defender Flaw Exploited to Deliver ACR, Lumma, and Meduza Stealers | A now-patched security flaw in the Microsoft Defender SmartScreen has been exploited as part of a new campaign designed to deliver | Exploit | The Hacker News |
16.7.24 |
CISA Warns of Actively Exploited RCE Flaw in GeoServer GeoTools Software | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting OSGeo GeoServer | Exploit | The Hacker News |
15.7.24 |
Hackers use PoC exploits in attacks 22 minutes after release | Threat actors are quick to weaponize available proof-of-concept (PoC) exploits in actual attacks, sometimes as quickly as 22 minutes after exploits are made publicly available. | Exploit | |
11.7.24 |
PHP Vulnerability Exploited to Spread Malware and Launch DDoS Attacks | Multiple threat actors have been observed exploiting a recently disclosed security flaw in PHP to deliver remote access trojans, | Exploit | |
2.7.24 |
Cisco warns of NX-OS zero-day exploited to deploy custom malware | Cisco has patched an NX-OS zero-day exploited in April attacks to install previously unknown malware as root on vulnerable switches. | Exploit | |
30.6.24 |
Hackers exploit critical D-Link DIR-859 router flaw to steal passwords | Hackers are exploiting a critical vulnerability that affects all D-Link DIR-859 WiFi routers to collect account information from the device, including passwords. | Exploit | |
29.6.24 |
Exploit for critical Fortra FileCatalyst Workflow SQLi flaw released | The Fortra FileCatalyst Workflow is vulnerable to an SQL injection vulnerability that could allow remote unauthenticated attackers to create rogue admin users and manipulate data on the application database. | Exploit | |
| 28.6.24 | 8220 Gang Exploits Oracle WebLogic Server Flaws for Cryptocurrency Mining | Security researchers have shed more light on the cryptocurrency mining operation conducted by the 8220 Gang by exploiting known | Exploit | The Hacker News |
| 28.6.24 | New SnailLoad Attack Exploits Network Latency to Spy on Users' Web Activities | A group of security researchers from the Graz University of Technology have demonstrated a new side-channel attack known as | Exploit | The Hacker News |
| 27.6.24 | SolarWinds Serv-U path traversal flaw actively exploited in attacks | Threat actors are actively exploiting a SolarWinds Serv-U path-traversal vulnerability, leveraging publicly available proof-of-concept (PoC) exploits. | Exploit | |
| 27.6.24 | Exploit Attempts Recorded Against New MOVEit Transfer Vulnerability - Patch ASAP! | A newly disclosed critical security flaw impacting Progress Software MOVEit Transfer is already seeing exploitation attempts in the wild | Exploit | The Hacker News |
| 17.6.24 | Hackers Exploit Legitimate Websites to Deliver BadSpace Windows Backdoor | Legitimate-but-compromised websites are being used as a conduit to deliver a Windows backdoor dubbed BadSpace under the guise of | Exploit | The Hacker News |
| 15.6.24 | Google patches exploited Android zero-day on Pixel devices | Google has released patches for 50 security vulnerabilities impacting its Pixel devices and warned that one of them had already been exploited in targeted attacks as a zero-day. | Exploit | |
| 13.6.24 | Google Warns of Pixel Firmware Security Flaw Exploited as Zero-Day | Google has warned that a security flaw impacting Pixel Firmware has been exploited in the wild as a zero-day. The high-severity | Exploit | The Hacker News |
| 13.6.24 | Arm warns of actively exploited flaw in Mali GPU kernel drivers | Arm has issued a security bulletin warning of a memory-related vulnerability in Bifrost and Valhall GPU kernel drivers that is being exploited in the wild. | Exploit | |
| 11.6.24 | Arm Warns of Actively Exploited Zero-Day Vulnerability in Mali GPU Drivers | Arm is warning of a security vulnerability impacting Mali GPU Kernel Driver that it said has been actively exploited in the wild. Tracked as | Exploit | The Hacker News |
| 9.6.24 | New PHP Vulnerability Exposes Windows Servers to Remote Code Execution | Details have emerged about a new critical security flaw impacting PHP that could be exploited to achieve remote code execution under | Exploit | The Hacker News |
6.6.24 |
Hackers Exploit Legitimate Packer Software to Spread Malware Undetected | Threat actors are increasingly abusing legitimate and commercially available packer software such as BoxedApp to evade detection and | Exploit | |
1.6.24 |
Check Point VPN zero-day exploited in attacks since April 30 | Threat actors have been exploiting a high-severity Check Point Remote Access VPN zero-day since at least April 30, stealing Active Directory data needed to move laterally through the victims' networks in successful attacks. | Exploit | |
31.5.24 |
Exploit released for maximum severity Fortinet RCE bug, patch now | Security researchers have released a proof-of-concept (PoC) exploit for a maximum-severity vulnerability in Fortinet's security information and event management (SIEM) solution, which was patched in February. | Exploit | |
28.5.24 |
WordPress Plugin Exploited to Steal Credit Card Data from E-commerce Sites |
Unknown threat actors are abusing lesser-known code snippet plugins for WordPress to insert malicious PHP code in victim | Exploit | The Hacker News |
26.5.24 |
High-severity GitLab flaw lets attackers take over accounts | GitLab patched a high-severity vulnerability that unauthenticated attackers could exploit to take over user accounts in cross-site scripting (XSS) attacks. | Exploit | |
24.5.24 |
Update Chrome Browser Now: 4th Zero-Day Exploit Discovered in May 2024 | Google on Thursday rolled out fixes to address a high-severity security flaw in its Chrome browser that it said has been exploited | Exploit | The Hacker News |
23.5.24 |
QNAP QTS zero-day in Share feature gets public RCE exploit | An extensive security audit of QNAP QTS, the operating system for the company's NAS products, has uncovered fifteen vulnerabilities of varying severity, with eleven remaining unfixed. | Exploit | |
23.5.24 |
CISA warns of hackers exploiting Chrome, EoL D-Link bugs | The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added three security vulnerabilities to its 'Known Exploited Vulnerabilities' catalog, one impacting Google Chrome and two affecting some D-Link routers. | Exploit | BleepingComputer |
23.5.24 |
MS Exchange Server Flaws Exploited to Deploy Keylogger in Targeted Attacks | An unknown threat actor is exploiting known security flaws in Microsoft Exchange Server to deploy a keylogger malware in | Exploit | The Hacker News |
20.5.24 |
Foxit PDF Reader Flaw Exploited by Hackers to Deliver Diverse Malware Arsenal | Multiple threat actors are weaponizing a design flaw in Foxit PDF Reader to deliver a variety of malware such as Agent Tesla, | Exploit | The Hacker News |
20.5.24 |
Cyber Criminals Exploit GitHub and FileZilla to Deliver Malware Cocktail | A "multi-faceted campaign" has been observed abusing legitimate services like GitHub and FileZilla to deliver an array of stealer | Exploit | The Hacker News |
18.5.24 |
Google fixes third actively exploited Chrome zero-day in a week | Google has released a new emergency Chrome security update to address the third zero-day vulnerability exploited in attacks within a week. | Exploit | |
18.5.24 |
PoC exploit released for RCE zero-day in D-Link EXO AX4800 routers | The D-Link EXO AX4800 (DIR-X4860) router is vulnerable to remote unauthenticated command execution that could lead to complete device takeovers by attackers with access to the HNAP port. | Exploit | |
16.5.24 |
Google Patches Yet Another Actively Exploited Chrome Zero-Day Vulnerability | Google has rolled out fixes to address a set of nine security issues in its Chrome browser, including a new zero-day that has been | Exploit | The Hacker News |
| 9.5.24 | Hackers exploit LiteSpeed Cache flaw to create WordPress admins | Hackers have been targeting WordPress sites with an outdated version of the LiteSpeed Cache plugin to create administrator users and gain control of the websites. | Exploit | |
| 8.5.24 | Hackers Exploiting LiteSpeed Cache Bug to Gain Full Control of WordPress Sites | A high-severity flaw impacting the LiteSpeed Cache plugin for WordPress is being actively exploited by threat actors to create | Exploit | The Hacker News |
| 8.5.24 | Exploits and vulnerabilities in Q1 2024 | Money is what always attracts cybercriminals. A significant share of scam, phishing and malware attacks is about money. With trillions of dollars of digital payments made every year, it is no wonder that attackers target electronic wallets, | Exploit | Securelist |
| 4.5.24 | Over 1,400 CrushFTP servers vulnerable to actively exploited bug | Over 1,400 CrushFTP servers exposed online were found vulnerable to attacks currently targeting a critical severity server-side template injection (SSTI) vulnerability previously exploited as a zero-day. | Exploit | |
| 4.5.24 | Maximum severity Flowmon bug has a public exploit, patch now | Proof-of-concept exploit code has been released for a top-severity security vulnerability in Progress Flowmon, a tool for monitoring network performance and visibility. | Exploit | |
| 4.5.24 | ArcaneDoor hackers exploit Cisco zero-days to breach govt networks | Cisco warned today that a state-backed hacking group has been exploiting two zero-day vulnerabilities in Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) firewalls since November 2023 to breach government networks worldwide. | Exploit | BleepingComputer |
| 2.5.24 | CISA Warns of Active Exploitation of Severe GitLab Password Reset Vulnerability |
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical flaw impacting GitLab to its Known Exploited | Exploit | The Hacker News |
| 26.4.24 | Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites | Threat actors are attempting to actively exploit a critical security flaw in the WP‑Automatic plugin for WordPress that could allow | Exploit | The Hacker News |
| 23.4.24 | MITRE Corporation Breached by Nation-State Hackers Exploiting Ivanti Flaws | The MITRE Corporation revealed that it was the target of a nation-state cyber attack that exploited two zero-day flaws in Ivanti | Exploit | The Hacker News |
| 20.4.24 | CrushFTP warns users to patch exploited zero-day “immediately” | CrushFTP warned customers today in a private memo of an actively exploited zero-day vulnerability fixed in new versions released today, urging them to patch their servers immediately. | Exploit | |
| 20.4.24 | Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks | Users of the CrushFTP enterprise file transfer software are being urged to update to the latest version following the | Exploit | The Hacker News |
| 18.4.24 | Cisco discloses root escalation flaw with public exploit code | Cisco has released patches for a high-severity Integrated Management Controller (IMC) vulnerability with public exploit code that can let local attackers escalate privileges to root. | Exploit | |
| 18.4.24 | Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes | Threat actors are actively exploiting critical vulnerabilities in OpenMetadata to gain unauthorized access to Kubernetes | Exploit | The Hacker News |
| 17.4.24 | Ivanti warns of critical flaws in its Avalanche MDM solution | Ivanti has released security updates to fix 27 vulnerabilities in its Avalanche mobile device management (MDM) solution, two of them critical heap overflows that can be exploited for remote command execution. | Exploit | |
| 17.4.24 | Botnets Continue Exploiting CVE-2023-1389 for Wide-Scale Spread | Last year, a command injection vulnerability, CVE-2023-1389, was disclosed and a fix developed for the web management interface of the TP-Link Archer AX21 (AX1800). | Exploit | FORTINET |
| 14.4.24 | Palo Alto Networks zero-day exploited since March to backdoor firewalls | Suspected state-sponsored hackers have been exploiting a zero-day vulnerability in Palo Alto Networks firewalls tracked as CVE-2024-3400 since March 26, using the compromised devices to breach internal networks, steal data and credentials. | Exploit | |
| 14.4.24 | Palo Alto Networks warns of PAN-OS firewall zero-day used in attacks | Today, Palo Alto Networks warns that an unpatched critical command injection vulnerability in its PAN-OS firewall is being actively exploited in attacks. | Exploit | |
| 13.4.24 | Microsoft fixes two Windows zero-days exploited in malware attacks | Microsoft has fixed two actively exploited zero-day vulnerabilities during the April 2024 Patch Tuesday, although the company failed to initially tag them as such. | Exploit | |
| 10.4.24 | Researchers Uncover First Native Spectre v2 Exploit Against Linux Kernel | Cybersecurity researchers have disclosed what they say is the "first native Spectre v2 exploit" against the Linux kernel on Intel systems | Exploit | The Hacker News |
| 10.4.24 | Critical 'BatBadBut' Rust Vulnerability Exposes Windows Systems to Attacks | A critical security flaw in the Rust standard library could be exploited to target Windows users and stage command injection | Exploit | The Hacker News |
| 7.4.24 | Hackers Exploit Magento Bug to Steal Payment Data from E-commerce Websites | Threat actors have been found exploiting a critical flaw in Magento to inject a persistent backdoor into e-commerce websites. The | Exploit | The Hacker News |
| 30.3.24 | CISA tags Microsoft SharePoint RCE bug as actively exploited | CISA warns that attackers are now exploiting a Microsoft SharePoint code injection vulnerability that can be chained with a critical privilege escalation flaw for pre-auth remote code execution attacks. | Exploit | |
| 30.3.24 | Hackers exploit Ray framework flaw to breach servers, hijack resources | A new hacking campaign dubbed "ShadowRay" targets an unpatched vulnerability in Ray, a popular open-source AI framework, to hijack computing power and leak sensitive data from thousands of companies. | Exploit | |
| 23.3.24 | Exploit released for Fortinet RCE bug used in attacks, patch now | Security researchers have released a proof-of-concept (PoC) exploit for a critical vulnerability in Fortinet's FortiClient Enterprise Management Server (EMS) software, which is now actively exploited in attacks. | Exploit | |
| 19.3.24 | Hackers Exploiting Popular Document Publishing Sites for Phishing Attacks | Threat actors are leveraging digital document publishing (DDP) sites hosted on platforms like FlipSnack, Issuu, Marq, Publuu, RelayTo, and Simplebooklet | Exploit | The Hacker News |
| 13.3.24 | Hackers exploit WordPress plugin flaw to infect 3,300 sites with malware | Hackers are breaching WordPress sites by exploiting a vulnerability in outdated versions of the Popup Builder plugin, infecting over 3,300 websites with malicious code. | Exploit | |
| 11.3.24 | Proof-of-Concept Exploit Released for Progress Software OpenEdge Vulnerability | Technical specifics and a proof-of-concept (PoC) exploit have been made available for a recently disclosed critical security flaw in Progress Software | Exploit | The Hacker News |
| 8.3.24 | QEMU Emulator Exploited as Tunneling Tool to Breach Company Network | Threat actors have been observed leveraging the QEMU open-source hardware emulator as tunneling software during a cyber attack targeting an | Exploit | |
| 8.3.24 | CISA Warns of Actively Exploited JetBrains TeamCity Vulnerability | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting JetBrains TeamCity On- | Exploit | The Hacker News |
| 7.3.24 | Hackers Exploit Misconfigured YARN, Docker, Confluence, Redis Servers for Crypto Mining | Threat actors are targeting misconfigured and vulnerable servers running Apache Hadoop YARN, Docker, Atlassian Confluence, and Redis services as | Exploit | |
| 6.3.24 | Exploit available for new critical TeamCity auth bypass bug, patch now | A critical vulnerability (CVE-2024-27198) in the TeamCity On-Premises CI/CD solution from JetBrains can let a remote unauthenticated attacker take control of the server with administrative permissions. | Exploit | |
| 5.3.24 | Critical JetBrains TeamCity On-Premises Flaws Could Lead to Server Takeovers | A new pair of security vulnerabilities have been disclosed in JetBrains TeamCity On-Premises software that could be exploited by a threat actor to | Exploit | The Hacker News |
| 4.3.24 | How Cybercriminals are Exploiting India's UPI for Money Laundering Operations | Cybercriminals are using a network of hired money mules in India using an Android-based application to orchestrate a massive money laundering | Exploit | The Hacker News |
| 1.3.24 | Five Eyes Agencies Warn of Active Exploitation of Ivanti Gateway Vulnerabilities | The Five Eyes (FVEY) intelligence alliance has issued a new cybersecurity advisory warning of cyber threat actors exploiting known security flaws in | Exploit | The Hacker News |
| 1.3.24 | Lazarus Hackers Exploited Windows Kernel Flaw as Zero-Day in Recent Attacks | The notorious Lazarus Group actors exploited a recently patched privilege escalation flaw in the Windows Kernel as a zero-day to obtain kernel-level | Exploit | |
| 24.2.24 | ScreenConnect critical bug now under attack as exploit code emerges | Both technical details and proof-of-concept exploits are available for the two vulnerabilities ConnectWise disclosed earlier this week for ScreenConnect, its remote desktop and access software. | Exploit | |
| 23.2.24 | Over 28,500 Exchange servers vulnerable to actively exploited bug | Up to 97,000 Microsoft Exchange servers may be vulnerable to a critical severity privilege escalation flaw tracked as CVE-2024-21410 that hackers are actively exploiting. | Exploit | |
| 23.2.24 | Hackers exploit critical RCE flaw in Bricks WordPress site builder | Hackers are actively exploiting a critical remote code execution (RCE) flaw impacting the Brick Builder Theme to run malicious PHP code on vulnerable sites. | Exploit | |
| 18.2.24 | Over 13,000 Ivanti gateways vulnerable to actively exploited bugs | Thousands of Ivanti Connect Secure and Policy Secure endpoints remain vulnerable to multiple security issues first disclosed more than a month ago and which the vendor gradually patched. | Exploit | |
| 18.2.24 | New critical Microsoft Outlook RCE bug is trivial to exploit | Microsoft says remote unauthenticated attackers can trivially exploit a critical Outlook security vulnerability that also lets them bypass the Office Protected View. | Exploit | |
| 17.2.24 | CISA: Roundcube email server bug now exploited in attacks | CISA warns that a Roundcube email server vulnerability patched in September is now actively exploited in cross-site scripting (XSS) attacks. | Exploit | |
| 10.2.24 | New Fortinet RCE bug is actively exploited, CISA confirms | CISA confirmed today that attackers are actively exploiting a critical remote code execution (RCE) bug patched by Fortinet on Thursday. | Exploit | |
| 10.2.24 | New Fortinet RCE flaw in SSL VPN likely exploited in attacks | Fortinet is warning that a new critical remote code execution vulnerability in FortiOS SSL VPN is potentially being exploited in attacks. | Exploit | |
| 10.2.24 | Raspberry Robin Malware Upgrades with Discord Spread and New Exploits | The operators of Raspberry Robin are now using two new one-day exploits to achieve local privilege escalation, even as the malware continues to be | Exploit | The Hacker News |
| 9.2.24 | Fortinet Warns of Critical FortiOS SSL VPN Flaw Likely Under Active Exploitation | Fortinet has disclosed a new critical security flaw in FortiOS SSL VPN that it said is likely being exploited in the wild. The vulnerability, CVE-2024-21762 | Exploit | The Hacker News |
| 8.2.24 | Critical Patches Released for New Flaws in Cisco, Fortinet, VMware Products | Cisco, Fortinet, and VMware have released security fixes for multiple security vulnerabilities, including critical weaknesses that could be exploited | Exploit | The Hacker News |
| 7.2.24 | Chinese Hackers Exploited FortiGate Flaw to Breach Dutch Military Network | Chinese state-backed hackers broke into a computer network that's used by the Dutch armed forces by targeting Fortinet FortiGate devices. "This | Exploit | The Hacker News |
| 6.2.24 | Recent SSRF Flaw in Ivanti VPN Products Undergoes Mass Exploitation | A recently disclosed server-side request forgery ( SSRF ) vulnerability impacting Ivanti Connect Secure and Policy Secure products has come | Exploit | The Hacker News |
| 5.2.24 | New Mispadu Banking Trojan Exploiting Windows SmartScreen Flaw | The threat actors behind the Mispadu banking Trojan have become the latest to exploit a now-patched Windows SmartScreen security bypass flaw to | Exploit | The Hacker News |
2.2.24 |
Exploits released for critical Jenkins RCE flaw, patch now | Multiple proof-of-concept (PoC) exploits for a critical Jenkins vulnerability allowing unauthenticated attackers to read arbitrary files have been made publicly available, with some researchers reporting attackers actively exploiting the flaws in attacks. | Exploit | |
2.2.24 |
Warning: New Malware Emerges in Attacks Exploiting Ivanti VPN Vulnerabilities | Google-owned Mandiant said it identified new malware employed by a China-nexus espionage threat actor known as UNC5221 and other threat groups | Exploit | The Hacker News |
| 1.2.24 | RunC Flaws Enable Container Escapes, Granting Attackers Host Access | Multiple security vulnerabilities have been disclosed in the runC command line tool that could be exploited by threat actors to escape the bounds of the | Exploit | The Hacker News |
1.2.24 |
Alert: Ivanti Discloses 2 New Zero-Day Flaws, One Under Active Exploitation | Ivanti is alerting of two new high-severity flaws in its Connect Secure and Policy Secure products, one of which is said to have come under targeted exploitation in the wild. | Exploit | The Hacker News |
31.1.24 |
Exploit released for Fortra GoAnywhere MFT auth bypass bug | Exploit code is now available for a critical authentication bypass vulnerability in Fortra's GoAnywhere MFT (Managed File Transfer) software that allows attackers to create new admin users on unpatched instances via the administration portal. | Exploit | |
31.1.24 |
Hackers start exploiting critical Atlassian Confluence RCE flaw | Security researchers are observing exploitation attempts for the CVE-2023-22527 remote code execution flaw vulnerability that affects outdated versions of Atlassian Confluence servers. | Exploit | |
24.1.24 |
Google Kubernetes Misconfig Lets Any Gmail Account Control Your Clusters | Cybersecurity researchers have discovered a loophole impacting Google Kubernetes Engine (GKE) that could be potentially exploited by threat actors | Exploit | The Hacker News |
22.1.24 |
Apache ActiveMQ Flaw Exploited in New Godzilla Web Shell Attacks | Cybersecurity researchers are warning of a "notable increase" in threat actor activity actively exploiting a now-patched flaw in Apache ActiveMQ to deliver | Exploit | The Hacker News |
21.1.24 |
VMware confirms critical vCenter flaw now exploited in attacks | VMware has confirmed that a critical vCenter Server remote code execution vulnerability patched in October is now under active exploitation. | Exploit | |
20.1.24 |
CISA: Critical Ivanti auth bypass bug now actively exploited | CISA warns that a critical authentication bypass vulnerability in Ivanti's Endpoint Manager Mobile (EPMM) and MobileIron Core device management software (patched in August 2023) is now under active exploitation. | Exploit | |
20.1.24 |
CISA pushes federal agencies to patch Citrix RCE within a week | Today, CISA ordered U.S. federal agencies to secure their systems against three recently patched Citrix NetScaler and Google Chrome zero-days actively exploited in attacks. | Exploit | |
20.1.24 |
CISA Issues Emergency Directive to Federal Agencies on Ivanti Zero-Day Exploits | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday issued an emergency directive urging Federal Civilian Executive Branch | Exploit | The Hacker News |
19.1.24 |
Windows SmartScreen flaw exploited to drop Phemedrone malware | A Phemedrone information-stealing malware campaign exploits a Microsoft Defender SmartScreen vulnerability (CVE-2023-36025) to bypass Windows security prompts when opening URL files. | Exploit | |
17.1.24 |
Zero-Day Alert: Update Chrome Now to Fix New Actively Exploited Vulnerability | Google on Tuesday released updates to fix four security issues in its Chrome browser, including an actively exploited zero-day flaw. The issue, tracked as | Exploit | The Hacker News |
17.1.24 |
Alert: Over 178,000 SonicWall Firewalls Potentially Vulnerable to Exploits - Act Now | Over 178,000 SonicWall firewalls exposed over the internet are exploitable to at least one of the two security flaws that could be potentially exploited to cause | Exploit | The Hacker News |
13.1.24 |
CISA: Critical Microsoft SharePoint bug now actively exploited | CISA warns that attackers are now exploiting a critical Microsoft SharePoint privilege escalation vulnerability that can be chained with another critical bug for remote code execution. | Exploit | |
13.1.24 |
Nation-State Actors Weaponize Ivanti VPN Zero-Days, Deploying 5 Malware Families | As many as five different malware families were deployed by suspected nation-state actors as part of post-exploitation activities leveraging two zero-day | Exploit | The Hacker News |
12.1.24 |
Act Now: CISA Flags Active Exploitation of Microsoft SharePoint Vulnerability | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security vulnerability impacting Microsoft SharePoint Server to its | Exploit | The Hacker News |
12.1.24 |
New PoC Exploit for Apache OfBiz Vulnerability Poses Risk to ERP Systems | Cybersecurity researchers have developed a proof-of-concept (PoC) code that exploits a recently disclosed critical flaw in the Apache OfBiz open-source | Exploit | The Hacker News |
11.1.24 |
Ivanti warns of Connect Secure zero-days exploited in attacks | Ivanti has disclosed two Connect Secure (ICS) and Policy Secure zero-days exploited in the wild that can let remote attackers execute arbitrary commands on targeted gateways. | Exploit | |
11.1.24 |
CISA warns agencies of fourth flaw used in Triangulation spyware attacks | The U.S. Cybersecurity and Infrastructure Security Agency has added to its to the Known Exploited Vulnerabilities catalog six vulnerabilities that impact products from Adobe, Apache, D-Link, and Joomla. | Exploit | |
10.1.24 |
Turkish Hackers Exploiting Poorly Secured MS SQL Servers Across the Globe | Poorly secured Microsoft SQL (MS SQL) servers are being targeted in the U.S., European Union, and Latin American (LATAM) regions as part of an ongoing | Exploit | The Hacker News |
3.1.24 |
SMTP Smuggling: New Flaw Lets Attackers Bypass Security and Spoof Emails | A new exploitation technique called Simple Mail Transfer Protocol ( SMTP ) smuggling can be weaponized by threat actors to send spoofed emails.. | Exploit | The Hacker News |