CISA Warns of Active Exploitation of Flaws in Zyxel, ProjectSend, and CyberPanel

CISA Warns of Active Exploitation of Flaws in Zyxel, ProjectSend, and CyberPanel

CISA Warns of Active Exploitation of Flaws in Zyxel, ProjectSend, and CyberPanel The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added multiple security flaws affecting products from Zyxel, North Grid Proself, ProjectSend, and CyberPanel to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The Read more…

Joint Advisory Warns of PRC-Backed Cyber Espionage Targeting Telecom Networks

Joint Advisory Warns of PRC-Backed Cyber Espionage Targeting Telecom Networks

Joint Advisory Warns of PRC-Backed Cyber Espionage Targeting Telecom Networks A joint advisory issued by Australia, Canada, New Zealand, and the U.S. has warned of a broad cyber espionage campaign undertaken by People’s Republic of China (PRC)-affiliated threat actors targeting telecommunications providers. “Identified exploitations or compromises associated with these threat Read more…

Oracle Warns of Agile PLM Vulnerability Currently Under Active Exploitation

Oracle Warns of Agile PLM Vulnerability Currently Under Active Exploitation

Oracle Warns of Agile PLM Vulnerability Currently Under Active Exploitation Oracle is warning that a high-severity security flaw impacting the Agile Product Lifecycle Management (PLM) Framework has been exploited in the wild. The vulnerability, tracked as CVE-2024-21287 (CVSS score: 7.5), could be exploited sans authentication to leak sensitive information. “This Read more…

Vulnerability in Android System

Google Warns of Actively Exploited CVE-2024-43093 Vulnerability in Android System

Google Warns of Actively Exploited CVE-2024-43093 Vulnerability in Android System Nov 05, 2024Ravie LakshmananMobile Security / Vulnerability Google has warned that a security flaw impacting its Android operating system has come under active exploitation in the wild. The vulnerability, tracked as CVE-2024-43093, has been described as a privilege escalation flaw Read more…

Vulnerability

Fortinet Warns of Critical Vulnerability in FortiManager Under Active Exploitation

Fortinet Warns of Critical Vulnerability in FortiManager Under Active Exploitation Oct 24, 2024Ravie LakshmananVulnerability / Network Security Fortinet has confirmed details of a critical security flaw impacting FortiManager that has come under active exploitation in the wild. Tracked as CVE-2024-47575 (CVSS score: 9.8), the vulnerability is also known as FortiJump Read more…

CVE-2024-38094

CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094)

CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094) Oct 23, 2024Ravie LakshmananVulnerability / Threat Intelligence A high-severity flaw impacting Microsoft SharePoint has been added to the Known Exploited Vulnerabilities (KEV) catalog by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday, citing evidence of active exploitation. The Read more…

SolarWinds Help Desk Software Vulnerability

CISA Warns of Active Exploitation in SolarWinds Help Desk Software Vulnerability

CISA Warns of Active Exploitation in SolarWinds Help Desk Software Vulnerability Oct 16, 2024Ravie LakshmananVulnerability / Data Protection The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting SolarWinds Web Help Desk (WHD) software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of Read more…