US govt email servers hacked in Barracuda zero-day attacks
The FBI continues to observe active intrusions and considers all affected Barracuda ESG appliances to be compromised and vulnerable to this exploit
Read More...
VMware Aria vulnerable to critical SSH authentication bypass flaw
A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Networks CLI
Read More...
New PaperCut critical bug exposes unpatched servers to RCE attacks
PaperCut recently fixed a critical security vulnerability in its NG/MF print management software that allows unauthenticated attackers to gain remote code execution on unpatched Windows servers
Read More...
Fortinet fixes critical FortiNAC remote command execution flaw
It is a deserialization of untrusted data that may lead to remote code execution (RCE) without authentication
Read More...
Fortinet: New FortiOS RCE bug “may have been exploited” in attacks
Fortinet urges immediate and ongoing mitigation through an aggressive patching campaign
Read More...
VMware fixes critical vulnerabilities in vRealize network analytics tool
A malicious actor with network access to VMware Aria Operations for Networks may be able to perform a command injection attack resulting in remote code execution
Read More...
Zyxel Issues Critical Security Patches for Firewall and VPN Products
Zyxel has released software updates to address two critical security flaws affecting select firewall and VPN products that could be abused by remote attackers to achieve code execution
Read More...
Fortinet fixed a critical vulnerability in its Data Analytics product
Successful exploitation can lead to remote, unauthenticated access to Redis and MongoDB instances via crafted authentication requests
Read More...
Microsoft March 2023 Patch Tuesday fixes 2 zero-days, 83 flaws
Nine vulnerabilities have been classified as 'Critical' for allowing remote code execution, denial of service, or elevation of privileges attacks
Read More...
Fortinet fixes critical RCE flaws in FortiNAC and FortiWeb
Fortinet has released security updates for its FortiNAC and FortiWeb products, addressing two critical-severity vulnerabilities that may allow unauthenticated attackers to perform arbitrary code or command execution
Read More...