Collaborate Disseminate
Disputed Ray AI framework vulnerability exploited to steal information and deploy cryptominers on hundreds of clusters.
The post Ray AI Framework Vulnerability Exploited to Hack Hundreds of Clusters appeared first on SecurityWeek.
Continue reading Ray AI Framework Vulnerability Exploited to Hack Hundreds of Clusters
CISA says a second SharePoint vulnerability demonstrated last year at Pwn2Own, CVE-2023-24955, has been exploited in the wild.
The post CISA: Second SharePoint Flaw Disclosed at Pwn2Own Exploited in Attacks appeared first on SecurityWeek.
Continue reading CISA: Second SharePoint Flaw Disclosed at Pwn2Own Exploited in Attacks
CVE-2023-48788, a critical SQL injection vulnerability in Fortinet’s FortiClient EMS product, is being exploited in the wild.
The post Recent Fortinet FortiClient EMS Vulnerability Exploited in Attacks appeared first on SecurityWeek.
Continue reading Recent Fortinet FortiClient EMS Vulnerability Exploited in Attacks
A recently patched Aiohttp vulnerability tracked as CVE-2024-23334 is being targeted by threat actors, including by a ransomware group.
The post Aiohttp Vulnerability in Attacker Crosshairs appeared first on SecurityWeek.
Continue reading Aiohttp Vulnerability in Attacker Crosshairs
Vulnerabilities affecting a Nice Linear physical access product, including an exploited flaw, patched five years after their disclosure.
The post Exploited Building Access System Vulnerability Patched 5 Years After Disclosure appeared first on Security… Continue reading Exploited Building Access System Vulnerability Patched 5 Years After Disclosure
Servers impacted by recently patched TeamCity vulnerability CVE-2024-27198 targeted in ransomware attacks and abused for DDoS.
The post Recent TeamCity Vulnerability Exploited in Ransomware Attacks appeared first on SecurityWeek.
Continue reading Recent TeamCity Vulnerability Exploited in Ransomware Attacks
150,000 systems possibly impacted by the recent Fortinet vulnerability CVE-2024-21762, but there is still no evidence of widespread exploitation.
The post Possibly Exploited Fortinet Flaw Impacts Many Systems, but No Signs of Mass Attacks appeared f… Continue reading Possibly Exploited Fortinet Flaw Impacts Many Systems, but No Signs of Mass Attacks
Critical TeamCity authentication bypass vulnerability CVE-2024-27198 exploited in the wild after details were disclosed.
The post Critical TeamCity Vulnerability Exploitation Started Immediately After Disclosure appeared first on SecurityWeek.
Continue reading Critical TeamCity Vulnerability Exploitation Started Immediately After Disclosure
CISA adds Pixel Android phone (CVE-2023-21237) and Sunhillo SureLine (CVE-2021-36380) flaws to its known exploited vulnerabilities catalog.
The post CISA Warns of Pixel Phone Vulnerability Exploitation appeared first on SecurityWeek.
Continue reading CISA Warns of Pixel Phone Vulnerability Exploitation
CISA says a high-severity elevation of privilege vulnerability in Microsoft Streaming Service is actively exploited in the wild.
The post CISA Warns of Windows Streaming Service Vulnerability Exploitation appeared first on SecurityWeek.
Continue reading CISA Warns of Windows Streaming Service Vulnerability Exploitation