Getty Images reader comments 21 with Thousands of servers running the Exim mail transfer agent are vulnerable to potential attacks that exploit critical vulnerabilities, allowing remote execution of malicious code with little or no user interaction. The vulnerabilities were reported on Wednesday by Zero Day Initiative, but they largely escaped notice until Friday when they… Read More »
reader comments 21 with MOVEit, the file-transfer software exploited in recent weeks in one of the biggest cyberattacks ever, has received yet another security update that fixes a critical vulnerability that could be exploited to give hackers access to vast amounts of sensitive data. On Thursday, MOVEit maker Progress Software published a security bulletin that… Read More »
Getty Images reader comments 8 with Hundreds of Internet-exposed devices inside solar farms remain unpatched against a critical and actively exploited vulnerability that makes it easy for remote attackers to disrupt operations or gain a foothold inside the facilities. The devices, sold by Osaka, Japan-based Contec under the brand name SolarView, help people inside solar… Read More »
Getty Images reader comments 5 with Firewalls made by Zyxel are being wrangled into a destructive botnet, which is taking control of them by exploiting a recently patched vulnerability with a severity rating of 9.8 out of a possible 10. “At this stage if you have a vulnerable device exposed, assume compromise,” officials from Shadowserver,… Read More »
Getty Images reader comments 20 with Share this story Exploit code for a critical printer software vulnerability became publicly available on Monday in a release that may exacerbate the threat of malware attacks that have already been underway for the past five days. The vulnerability resides in print management software known as PaperCut, which the… Read More »
Getty Images reader comments 19 with Share this story Hackers are actively exploiting a critical vulnerability in a widely used WordPress plugin that gives them the ability to take complete control of millions of sites, researchers said. The vulnerability, which carries a severity rating of 8.8 out of a possible 10, is present in Elementor… Read More »
reader comments 6 with Share this story Threat actors are exploiting a critical vulnerability in an IBM file-exchange application in hacks that install ransomware on servers, security researchers have warned. The IBM Aspera Faspex is a centralized file-exchange application that large organizations use to transfer large files or large volumes of files at very high… Read More »
Getty Images reader comments 26 with Share this story Multiple threat actors—one working on behalf of a nation-state—gained access to the network of a US federal agency by exploiting a four-year-old vulnerability that remained unpatched, the US government warned. Exploit activities by one group likely began in August 2021 and last August by the other,… Read More »
reader comments 8 with 0 posters participating Share this story Researchers have unearthed four game modes that could successfully exploit a critical vulnerability that remained unpatched in the popular Dota 2 video game for 15 months after a fix had become available. The vulnerability, tracked as CVE-2021-38003, resided in the open source JavaScript engine from… Read More »
Getty Images reader comments 12 with 0 posters participating Share this story Malicious hackers have begun exploiting a critical vulnerability in unpatched versions of the Control Web Panel, a widely used interface for web hosting. “This is an unauthenticated RCE,” members of the Shadowserver group wrote on Twitter, using the abbreviation for remote code exploit.… Read More »