New critical Citrix ADC and Gateway flaw exploited as zero-days
Citrix today is alerting customers of a critical-severity vulnerability (CVE-2023-3519) in NetScaler ADC and NetScaler Gateway that already has exploits...
Read more →Category: Bleeping Computer
Google Cloud Build bug lets hackers launch supply chain attacks
A critical design flaw in the Google Cloud Build service discovered by cloud security firm Orca Security can let attackers...
Read more →
FIN8 deploys ALPHV ransomware using Sardonic malware variant
A financially motivated cybercrime gang has been observed deploying BlackCat ransomware payloads on networks backdoored using a revamped Sardonic malware...
Read more →
Critical ColdFusion flaws exploited in attacks to drop webshells
Update 7/17/23: The article was updated due to a mistaken warning added by Adobe to its email notification. However, a...
Read more →
Microsoft Exchange Online hit by new outage blocking emails
Microsoft is investigating an ongoing Exchange Online outage preventing customers from sending emails and triggering 503 errors on affected systems....
Read more →
CISA orders govt agencies to mitigate Windows and Office zero-days
CISA ordered federal agencies to mitigate remote code execution zero-days affecting Windows and Office products that were exploited by the Russian-based...
Read more →
Hackers exploiting critical WordPress WooCommerce Payments bug
Hackers are conducting widespread exploitation of a critical WooCommerce Payments plugin to gain the privileges of any users, including administrators,...
Read more →
Adobe warns of critical ColdFusion RCE bug exploited in attacks
Adobe warns that a critical ColdFusion pre-authentication remote code execution vulnerability tracked as CVE-2023-29300 is actively exploited in attacks. Adobe...
Read more →
Frontline Security Practitioners Reveal the Latest About AI
Mark your calendar for mWISE™, the uniquely targeted, community-focused cybersecurity conference from Mandiant. It runs from September 18–20, 2023 in...
Read more →
CISA shares free tools to help secure data in the cloud
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has shared a factsheet providing details on free tools and guidance for...
Read more →
Adobe warns of critical Colfdusion RCE bug exploited in attacks
Adobe warns that a critical ColdFusion pre-authentication remote code execution vulnerability tracked as CVE-2023-29300 is actively exploited in attacks. Adobe...
Read more →
Avaddon ransomware gang’s likely successor
The new NoEscape ransomware operation is believed to be a rebrand of Avaddon, a ransomware gang that shut down and...
Read more →