adobe
Over 4,000 Adobe Commerce, Magento shops hacked in CosmicSting attacks
Adobe Commerce and Magento online stores are being targeted in “CosmicSting” attacks at an alarming rate, with threat actors hacking approximately 5% of all stores. The CosmicSting vulnerability (CVE-2024-34102) is a critical severity information disclosure flaw; when chained with CVE-2024-2961, a security issue in glibc’s iconv function, an attacker can achieve remote code execution on the […]
Adobe fixes Acrobat Reader zero-day with public PoC exploit
A cybersecurity researcher is urging users to upgrade Adobe Acrobat Reader after a fix was released yesterday for a remote code execution zero-day with a public in-the-wild proof-of-concept exploit. The flaw is tracked as CVE-2024-41869 and is a critical use after free vulnerability that could lead to remote code execution when opening a specially crafted PDF […]
VMware, Adobe bugs exploited in active attacks as Cisco warns of critical ‘10.0’ flaw
VMware, SolarWinds and Adobe users are being warned that vulnerabilities found in each of the products are under active attack. On Wednesday, the Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. Impacted products include Adobe Commerce (CVE-2024-34102), SolarWinds Serv-U (CVE-2024-28995) and VMware vCenter Server (CVE-2022-22948) CISA’s warning […]