Actively Exploited
Over 4,000 Adobe Commerce, Magento shops hacked in CosmicSting attacks
Adobe Commerce and Magento online stores are being targeted in “CosmicSting” attacks at an alarming rate, with threat actors hacking approximately 5% of all stores. The CosmicSting vulnerability (CVE-2024-34102) is a critical severity information disclosure flaw; when chained with CVE-2024-2961, a security issue in glibc’s iconv function, an attacker can achieve remote code execution on the […]
Critical Ivanti RCE flaw with public exploit now used in attacks
CISA warned today that a critical Ivanti vulnerability that can let threat actors gain remote code execution on vulnerable Endpoint Manager (EPM) appliances is now actively exploited in attacks. Ivanti EPM is an all-in-one endpoint management solution that helps admins manage client devices on various platforms, including Windows, macOS, Chrome OS, and IoT operating systems. Tracked […]
Critical Zimbra RCE flaw exploited to backdoor servers using emails
Hackers are actively exploiting a recently disclosed RCE vulnerability in Zimbra email servers that can be triggered simply by sending specially crafted emails to the SMTP server. The Zimbra remote code execution flaw is tracked as CVE-2024-45519 and exists in Zimbra’s postjournal service, which is used to parse incoming emails over SMTP. Attackers can exploit the […]
Ivanti warns of another critical CSA flaw exploited in attacks
Today, Ivanti warned that threat actors are exploiting another Cloud Services Appliance (CSA) security flaw in attacks targeting a limited number of customers. Tracked as CVE-2024-8963, this admin bypass vulnerability is caused by a path traversal weakness. Successful exploitation allows remote unauthenticated attackers to access restricted functionality on vulnerable CSA systems (used as gateways to provide enterprise users secure […]
CISA warns of actively exploited Apache HugeGraph-Server bug
The U.S. Cybersecurity and Infrastructure Agency (CISA) has added five flaws to its Known Exploited Vulnerabilities (KEV) catalog, among which is a remote code execution (RCE) flaw impacting Apache HugeGraph-Server. The flaw, tracked as CVE-2024-27348 and rated critical (CVSS v3.1 score: 9.8), is an improper access control vulnerability that impacts HugeGraph-Server versions from 1.0.0 and up to, […]
Hackers targeting WhatsUp Gold with public exploit since August
Hackers have been leveraging publicly available exploit code for two critical vulnerabilities in the WhatsUp Gold network availability and performance monitoring solution from Progress Software. The two flaws exploited in attacks since August 30 are SQL injection vulnerabilities tracked as CVE-2024-6670 and CVE-2024-6671 that allow retrieving encrypted passwords without authentication. Despite the vendor addressing the security issues more than two […]
Malware exploits 5-year-old zero-day to infect end-of-life IP cameras
The Corona Mirai-based malware botnet is spreading through a 5-year-old remote code execution (RCE) zero-day in AVTECH IP cameras, which have been discontinued for years and will not receive a patch. The flaw, discovered by Akamai’s Aline Eliovich, is tracked as CVE-2024-7029 and is a high-severity (CVSS v4 score: 8.7) issue in the “brightness” function […]
Google tags a tenth Chrome zero-day as exploited this year
Today, Google revealed that it patched the tenth zero-day exploited in the wild in 2024 by attackers or security researchers during hacking contests. Tracked as CVE-2024-7965 and reported by a security researcher known only as TheDog, the now-patched high-severity vulnerability is caused by a bug in the compiler backend when selecting the instructions to generate for just-in-time (JIT) compilation. Google […]
Chinese Volt Typhoon hackers exploited Versa zero-day to breach ISPs, MSPs
The Chinese state-backed hacking group Volt Typhoon is behind attacks that exploited a zero-day flaw in Versa Director to upload a custom webshell to steal credentials and breach corporate networks. Versa Director is a management platform ISPs and MSPs use to manage virtual WAN connections created using SD-WAN services. The vulnerability is tracked as CVE-2024-39717 […]
Google fixes ninth Chrome zero-day exploited in attacks this year
Today, Google released a new Chrome emergency security update to patch a zero-day vulnerability tagged as exploited in attacks. “Google is aware that an exploit for CVE-2024-7971 exists in the wild,” the company said in an advisory published on Wednesday. This high-severity zero-day vulnerability is caused by a type confusion weakness in Chrome’s V8 JavaScript engine. Security researchers with […]