Collaborate Disseminate
After Apple and Google, Mozilla has also patched an image processing-related zero-day vulnerability exploited by spyware.
The post After Apple and Google, Mozilla Also Patches Zero-Day Exploited for Spyware Delivery appeared first on SecurityWeek.
Continue reading After Apple and Google, Mozilla Also Patches Zero-Day Exploited for Spyware Delivery
Google has released a Chrome 116 security update to patch CVE-2023-4863, the fourth Chrome zero-day vulnerability documented in 2023.
The post Google Patches Chrome Zero-Day Reported by Apple, Spyware Hunters appeared first on SecurityWeek.
Continue reading Google Patches Chrome Zero-Day Reported by Apple, Spyware Hunters
Four recent vulnerabilities in the J-Web component of Junos OS have started being chained in malicious attacks after PoC exploit code was published.
The post Recent Juniper Flaws Chained in Attacks Following PoC Exploit Publication appeared first on Se… Continue reading Recent Juniper Flaws Chained in Attacks Following PoC Exploit Publication
The DreamBus botnet has resurfaced and it has been exploiting a recently patched Apache RocketMQ vulnerability to deliver a Monero miner.
The post DreamBus Botnet Exploiting RocketMQ Vulnerability to Delivery Cryptocurrency Miner appeared first on Secu… Continue reading DreamBus Botnet Exploiting RocketMQ Vulnerability to Delivery Cryptocurrency Miner
The FBI says that the patches Barracuda released in May for an exploited ESG zero-day vulnerability (CVE-2023-2868) were not effective.
The post FBI: Patches for Recent Barracuda ESG Zero-Day Ineffective appeared first on SecurityWeek.
Continue reading FBI: Patches for Recent Barracuda ESG Zero-Day Ineffective
A financially motivated cybercrime group has exploited a WinRAR zero-day to deliver malware to traders and steal their money.
The post Traders Targeted by Cybercriminals in Attack Exploiting WinRAR Zero-Day appeared first on SecurityWeek.
Continue reading Traders Targeted by Cybercriminals in Attack Exploiting WinRAR Zero-Day
More than 3,000 Openfire servers are not patched against a recent vulnerability and are exposed to attacks employing a new exploit.
The post 3,000 Openfire Servers Exposed to Attacks Targeting Recent Vulnerability appeared first on SecurityWeek.
Continue reading 3,000 Openfire Servers Exposed to Attacks Targeting Recent Vulnerability
While initially it was unclear if the Ivanti Sentry vulnerability CVE-2023-38035 has been exploited, the vendor and CISA have now confirmed it.
The post Exploitation of Ivanti Sentry Zero-Day Confirmed appeared first on SecurityWeek.
Continue reading Exploitation of Ivanti Sentry Zero-Day Confirmed
CISA warns that CVE-2023-26359, an Adobe ColdFusion vulnerability patched in March, has been exploited in the wild.
The post CISA Warns of Another Exploited Adobe ColdFusion Vulnerability appeared first on SecurityWeek.
Continue reading CISA Warns of Another Exploited Adobe ColdFusion Vulnerability
Exploitation of a Citrix ShareFile vulnerability tracked as CVE-2023-24489 has spiked as CISA added it to its ‘must patch’ catalog.
The post Exploitation of Citrix ShareFile Vulnerability Spikes as CISA Issues Warning appeared first on SecurityWeek.
… Continue reading Exploitation of Citrix ShareFile Vulnerability Spikes as CISA Issues Warning