-
CrushFTP warns users to patch exploited zero-day “immediately”
CrushFTP warned customers today in a private memo of an actively exploited zero-day vulnerability fixed in new versions released today, urging them to patch their servers immediately.
- April 19, 2024
- 06:33 PM
0
-
22,500 Palo Alto firewalls "possibly vulnerable" to ongoing attacks
Approximately 22,500 exposed Palo Alto GlobalProtect firewall devices are likely vulnerable to the CVE-2024-3400 flaw, a critical command injection vulnerability that has been actively exploited in attacks since at least March 26, 2024.
- April 19, 2024
- 11:27 AM
1
-
Multiple botnets exploiting one-year-old TP-Link flaw to hack routers
At least six distinct botnet malware operations are hunting for TP-Link Archer AX21 (AX1800) routers vulnerable to a command injection security issue reported and addressed last year.
- April 17, 2024
- 09:03 AM
- 3
-
Exploit released for Palo Alto PAN-OS bug used in attacks, patch now
Exploit code is now available for a maximum severity and actively exploited vulnerability in Palo Alto Networks' PAN-OS firewall software.
- April 16, 2024
- 02:36 PM
- 0
-
Palo Alto Networks fixes zero-day exploited to backdoor firewalls
Palo Alto Networks has started releasing hotfixes for a zero-day vulnerability that has been actively exploited since March 26th to backdoor PAN-OS firewalls.
- April 15, 2024
- 08:59 AM
- 1
-
Palo Alto Networks warns of PAN-OS firewall zero-day used in attacks
Today, Palo Alto Networks warns that an unpatched critical command injection vulnerability in its PAN-OS firewall is being actively exploited in attacks.
- April 12, 2024
- 09:28 AM
- 0
-
Microsoft fixes two Windows zero-days exploited in malware attacks
Microsoft has fixed two actively exploited zero-day vulnerabilities during the April 2024 Patch Tuesday, although the company failed to initially tag them as such.
- April 09, 2024
- 06:06 PM
- 0
-
Critical RCE bug in 92,000 D-Link NAS devices now exploited in attacks
Attackers are now actively targeting over 92,000 end-of-life D-Link Network Attached Storage (NAS) devices exposed online and unpatched against a critical remote code execution (RCE) zero-day flaw.
- April 08, 2024
- 06:17 PM
- 1
-
CISA tags Microsoft SharePoint RCE bug as actively exploited
CISA warns that attackers are now exploiting a Microsoft SharePoint code injection vulnerability that can be chained with a critical privilege escalation flaw for pre-auth remote code execution attacks.
- March 27, 2024
- 12:24 PM
- 0
-
Hackers exploit Ray framework flaw to breach servers, hijack resources
A new hacking campaign dubbed "ShadowRay" targets an unpatched vulnerability in Ray, a popular open-source AI framework, to hijack computing power and leak sensitive data from thousands of companies.
- March 26, 2024
- 02:51 PM
- 0
-
Exploit released for Fortinet RCE bug used in attacks, patch now
Security researchers have released a proof-of-concept (PoC) exploit for a critical vulnerability in Fortinet's FortiClient Enterprise Management Server (EMS) software, which is now actively exploited in attacks.
- March 21, 2024
- 11:17 AM
- 0
-
Hackers exploit Aiohttp bug to find vulnerable networks
The ransomware actor 'ShadowSyndicate' was observed scanning for servers vulnerable to CVE-2024-23334, a directory traversal vulnerability in the aiohttp Python library.
- March 16, 2024
- 10:17 AM
- 0
-
Critical Fortinet flaw may impact 150,000 exposed devices
Scans on the public web show that approximately 150,000 Fortinet FortiOS and FortiProxy secure web gateway systems are vulnerable to CVE-2024-21762, a critical security issue that allows executing code without authentication.
- March 08, 2024
- 03:37 PM
- 3
-
Critical TeamCity flaw now widely exploited to create admin accounts
Hackers have started to exploit the critical-severity authentication bypass vulnerability (CVE-2024-27198) in TeamCity On-Premises, which JetBrains addressed in an update on Monday.
- March 06, 2024
- 07:19 PM
- 0
-
Hackers exploit critical RCE flaw in Bricks WordPress site builder
Hackers are actively exploiting a critical remote code execution (RCE) flaw impacting the Brick Builder Theme to run malicious PHP code on vulnerable sites.
- February 19, 2024
- 12:55 PM
- 0
-
CISA: Roundcube email server bug now exploited in attacks
CISA warns that a Roundcube email server vulnerability patched in September is now actively exploited in cross-site scripting (XSS) attacks.
- February 12, 2024
- 02:03 PM
- 0
-
Hackers exploit Ivanti SSRF flaw to deploy new DSLog backdoor
Hackers are exploiting a server-side request forgery (SSRF) vulnerability in Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy the new DSLog backdoor on vulnerable devices.
- February 12, 2024
- 11:20 AM
- 0
-
New Fortinet RCE bug is actively exploited, CISA confirms
CISA confirmed today that attackers are actively exploiting a critical remote code execution (RCE) bug patched by Fortinet on Thursday.
- February 09, 2024
- 04:02 PM
- 3
-
New Fortinet RCE flaw in SSL VPN likely exploited in attacks
Fortinet is warning that a new critical remote code execution vulnerability in FortiOS SSL VPN is potentially being exploited in attacks.
- February 08, 2024
- 06:11 PM
- 1
-
Newest Ivanti SSRF zero-day now under mass exploitation
An Ivanti Connect Secure and Ivanti Policy Secure server-side request forgery (SSRF) vulnerability tracked as CVE-2024-21893 is currently under mass exploitation by multiple attackers.
- February 05, 2024
- 10:55 AM
- 1
-
Remove the Theonlinesearch.com Search Redirect
Filed Under: Adware -
Remove the Smartwebfinder.com Search Redirect
Filed Under: Adware -
How to remove the PBlock+ adware browser extension
Filed Under: Adware -
Remove the Toksearches.xyz Search Redirect
Filed Under: Adware -
Remove the Smashapps.net Search Redirect
Filed Under: Adware
-
Version: 9.0.3.0106,396 Downloads
-
Version: 18.0.7.562,878 Downloads
-
Version: 8.4.0.056M+ Downloads
-
Version: 5.1.25M+ Downloads
-
Version: 4.14.12M+ Downloads
