Tag: exploit code
Patch Now: CrushFTP Zero-Day Cloud Exploit Targets US Orgs
Virtual file transfer system provider CrushFTP and various security researchers are sounding the alarm about a sandbox escape flaw in the CrushFTP server that...
Breaking News
Godzilla Web Shell Attacks Stomp on Critical Apache ActiveMQ Flaw
Threat actors have unleashed a fresh wave of cyberattacks targeting a critical remote code-execution (RCE) vulnerability in Apache ActiveMQ, for which the Apache Software...
Patch Now: Exploit Activity Mounts for Dangerous Apache Struts 2 Bug
Concerns are high over a critical, recently disclosed remote code execution (RCE) vulnerability in Apache Struts 2 that attackers have been actively exploiting over...
Patch Now: Critical Atlassian Bugs Endanger Enterprise Apps
It's time to patch again: Four critical security vulnerabilities in Atlassian software open the door to remote code execution (RCE) and subsequent lateral movement...
Kinsing Cyberattackers Target Apache ActiveMQ Flaw to Mine Crypto
The attackers behind the Kinsing malware are the latest to exploit the Apache ActiveMQ critical remote code execution (RCE) vulnerability, targeting the flaw to...
Critical Atlassian Bug Exploit Now Available; Immediate Patching Needed
Proof of concept (PoC) exploit code for a critical vulnerability that Atlassian disclosed in its Confluence Data Center and Server technology has become publicly...
Attackers Target Max-Severity Apache ActiveMQ Bug to Drop Ransomware
More than 3,000 Internet-accessible Apache ActiveMQ Servers are exposed to a critical remote code execution vulnerability that an attacker has begun actively targeting to...
Patch Now: Massive RCE Campaign Wrangles Routers Into Botnet
Nimble and able to pivot on the fly to take advantage of emerging vulnerabilities, a campaign named IZ1H9 has ramped up its malware development...
Does Generative AI Comply With Asimov’s 3 Laws of Robotics?
Newly developed generative artificial intelligence (AI) tools that can generate plausible human language or computer code in response to operator prompts have provoked discussion...
AtlasVPN Linux Zero-Day Disconnects Users, Reveals IP Addresses
A security researcher has published exploit code for AtlasVPN for Linux, which could enable anybody to disconnect a user and reveal their IP address...
Attackers Pummel Millions of Websites via Critical WooCommerce Payments Flaw
Attackers have been exploiting a critical flaw in the WordPress WooCommerce Payments plug-in in a spate of attacks over the last few days that...
Microsoft patches four zero-days, finally takes action against crimeware kernel drivers
by Paul Ducklin This Tuesday, 2023-07-11, was Microsoft’s Patch Tuesday for July 2023, so here’s a brief reminder to do...
StackRot Linux Kernel Bug Has Exploit Code on the Way
Exploit code will soon become available for a critical vulnerability in the Linux kernel that a security researcher discovered and reported to Linux administrators...