Internet Security

CloudBees flaws in Jenkins server can lead to code execution

March 9, 2023 add comment
CloudBees vulnerabilities in the Jenkins open-source automation server can be exploited to achieve code execution on targeted systems. Researchers from cloud security firm Aqua discovered a chain of two... Read more »

A critical flaw affects Fortinet FortiOS and FortiProxy, patch it now!

March 8, 2023 add comment
Fortinet addressed a critical heap buffer underflow vulnerability affecting FortiOS and FortiProxy, which can lead to arbitrary code execution. Fortinet addressed a critical buffer underwrite (‘buffer underflow’) vulnerability, tracked... Read more »

Veeam warns to install patches to fix a bug in its Backup & Replication product

March 8, 2023 add comment
Veeam addressed a high-severity vulnerability in the Backup Service that impacts Backup & Replication software. Veeam addressed a high-severity vulnerability in the Backup Service, tracked as CVE-2023-27532 (CVSS v3... Read more »

North Korea-linked Lazarus APT used a 0-day in a recent attack

March 8, 2023 add comment
North Korea-linked Lazarus APT group exploits a zero-day vulnerability in attacks aimed at a South Korean financial entity. ASEC (AhnLab Security Emergency Response Center) observed North Korea-linked Lazarus APT group exploiting a zero-day... Read more »

CISA adds three new bugs to Known Exploited Vulnerabilities Catalog

March 8, 2023 add comment
US CISA added actively exploited flaws in Teclib GLPI, Apache Spark, and Zoho ManageEngine ADSelfService Plus to its Known Exploited Vulnerabilities Catalog. US CISA added the following actively exploited... Read more »

China-linked APT Sharp Panda targets government entities in Southeast Asia

March 8, 2023 add comment
China-linked APT group Sharp Panda targets high-profile government entities in Southeast Asia with the Soul modular framework. CheckPoint researchers observed in late 2022, a campaign attributed to the China-linked... Read more »

VMware NSX Manager bugs actively exploited in the wild since December

March 8, 2023 add comment
Security researchers warn of hacking attempts in the wild exploiting critical vulnerabilities in VMware NSX Manager. Cyber security firm Wallarm is warning of ongoing attacks exploiting the critical flaws,... Read more »

SYS01 stealer targets critical government infrastructure

March 7, 2023 add comment
Researchers discovered a new info stealer dubbed SYS01 stealer targeting critical government infrastructure and manufacturing firms. Cybersecurity researchers from Morphisec discovered a new, advanced information stealer, dubbed SYS01 stealer, that since November... Read more »

Acer discloses a new data breach, 160 GB of sensitive data available for sale

March 7, 2023 add comment
Taiwanese multinational hardware and electronics corporation Acer discloses a data breach after a threat actor claimed the hack of the company. Recently a threat actor announced the availability for sale of... Read more »

Expert released PoC exploit code for critical Microsoft Word RCE flaw

March 7, 2023 add comment
Security researcher released a proof-of-concept exploit code for a critical flaw, tracked as CVE-2023-21716, in Microsoft Word. Security researcher Joshua Drake released a proof-of-concept for a critical vulnerability, tracked... Read more »
Subscribe to our Newsletter