Collaborate Disseminate
Second identifier, CVE-2024-3272, assigned to unpatched D-Link NAS device vulnerabilities, just as exploitation attempts soar.
The post Exploitation of Unpatched D-Link NAS Device Vulnerabilities Soars appeared first on SecurityWeek.
Continue reading Exploitation of Unpatched D-Link NAS Device Vulnerabilities Soars
Palo Alto Networks warns of limited exploitation of a critical command injection vulnerability leading to code execution on firewalls.
The post Palo Alto Networks Warns of Exploited Firewall Vulnerability appeared first on SecurityWeek.
Continue reading Palo Alto Networks Warns of Exploited Firewall Vulnerability
Microsoft patches CVE-2024-29988 and CVE-2024-26234, two zero-day vulnerabilities exploited by threat actors to deliver malware.
The post Microsoft Patches Two Zero-Days Exploited for Malware Delivery appeared first on SecurityWeek.
Continue reading Microsoft Patches Two Zero-Days Exploited for Malware Delivery
Unpatched D-Link NAS device vulnerability CVE-2024-3273, potentially affecting many devices, is being exploited in the wild.
The post Exploitation Attempts Target Unpatched Flaw Affecting Many D-Link NAS Devices appeared first on SecurityWeek.
Continue reading Exploitation Attempts Target Unpatched Flaw Affecting Many D-Link NAS Devices
Google this week patched two Pixel phone zero-day vulnerabilities actively exploited by forensic companies to obtain data from devices.
The post Pixel Phone Zero-Days Exploited by Forensic Firms appeared first on SecurityWeek.
Continue reading Pixel Phone Zero-Days Exploited by Forensic Firms
Google patches 28 vulnerabilities in Android and 25 bugs in Pixel devices, including two flaws exploited in the wild.
The post Google Patches Exploited Pixel Vulnerabilities appeared first on SecurityWeek.
Continue reading Google Patches Exploited Pixel Vulnerabilities
Disputed Ray AI framework vulnerability exploited to steal information and deploy cryptominers on hundreds of clusters.
The post Ray AI Framework Vulnerability Exploited to Hack Hundreds of Clusters appeared first on SecurityWeek.
Continue reading Ray AI Framework Vulnerability Exploited to Hack Hundreds of Clusters
CISA says a second SharePoint vulnerability demonstrated last year at Pwn2Own, CVE-2023-24955, has been exploited in the wild.
The post CISA: Second SharePoint Flaw Disclosed at Pwn2Own Exploited in Attacks appeared first on SecurityWeek.
Continue reading CISA: Second SharePoint Flaw Disclosed at Pwn2Own Exploited in Attacks
CVE-2023-48788, a critical SQL injection vulnerability in Fortinet’s FortiClient EMS product, is being exploited in the wild.
The post Recent Fortinet FortiClient EMS Vulnerability Exploited in Attacks appeared first on SecurityWeek.
Continue reading Recent Fortinet FortiClient EMS Vulnerability Exploited in Attacks
A recently patched Aiohttp vulnerability tracked as CVE-2024-23334 is being targeted by threat actors, including by a ransomware group.
The post Aiohttp Vulnerability in Attacker Crosshairs appeared first on SecurityWeek.
Continue reading Aiohttp Vulnerability in Attacker Crosshairs