Exploitation attempts targeting CVE-2024-5806, a critical MOVEit Transfer vulnerability patched recently, have started.

The post Exploitation Attempts Target New MOVEit Transfer Vulnerability appeared first on SecurityWeek.

A Mirai-like botnet has started exploiting a critical-severity vulnerability in discontinued Zyxel NAS products.

The post Recent Zyxel NAS Vulnerability Exploited by Botnet appeared first on SecurityWeek.

Google has recently issued a warning regarding a critical security flaw affecting Google Pixel Firmware, which has been actively exploited as a zero-day vulnerability. Identified as CVE-2024-32896, this high-severity issue involves an elevation of privilege, potentially allowing attackers to gain unauthorized access on affected devices. Nature of the Memory-Related Vulnerability   The zero-day exploit in […]

The post Google Pixel Firmware Zero-Day Flaw Exploited And Patched appeared first on TuxCare.

The post Google Pixel Firmware Zero-Day Flaw Exploited And Patched appeared first on Security Boulevard.

Threat actors are exploiting a recent path traversal vulnerability in SolarWinds Serv-U using public PoC code.

The post Recent SolarWinds Serv-U Vulnerability Exploited in the Wild appeared first on SecurityWeek.

CISA urges federal agencies to apply mitigations for an exploited Progress Telerik vulnerability as soon as possible.

The post CISA Warns of Progress Telerik Vulnerability Exploitation appeared first on SecurityWeek.

The TellYouThePass ransomware gang started exploiting a recent code execution flaw in PHP days after public disclosure.

The post Ransomware Group Exploits PHP Vulnerability Days After Disclosure appeared first on SecurityWeek.

Arm warns that CVE-2024-4610, a Mali GPU kernel driver vulnerability addressed two years ago, is exploited in attacks.

The post Arm Warns of Exploited Kernel Driver Vulnerability appeared first on SecurityWeek.

GreyNoise has observed a rapid increase in the number of exploitation attempts targeting a recent Check Point VPN zero-day.

The post Exploitation of Recent Check Point VPN Zero-Day Soars appeared first on SecurityWeek.

CISA has added an old Oracle WebLogic flaw tracked as CVE-2017-3506 to its known exploited vulnerabilities catalog.

The post CISA Warns of Attacks Exploiting Old Oracle WebLogic Vulnerability appeared first on SecurityWeek.

PoC code targeting a recent Check Point VPN zero-day has been released as Censys identifies 14,000 internet-accessible appliances.

The post PoC Published for Exploited Check Point VPN Vulnerability appeared first on SecurityWeek.

CISA instructs federal agencies to mitigate CVE-2024-1086, a Linux kernel flaw leading to privilege escalation.

The post CISA Warns of Exploited Linux Kernel Vulnerability appeared first on SecurityWeek.

The recently disclosed Check Point VPN attacks involve the zero-day vulnerability CVE-2024-24919, which allows hackers to obtain passwords.

The post Check Point VPN Attacks Involve Zero-Day Exploited Since April appeared first on SecurityWeek.