Cisco Critical Cisco vulnerability CVE-2024-20419 lets unauthenticated attackers change admin passwords "A successful exploit could allow an attacker to access the web UI or API with the privileges of the compromised user."
Cisco Cisco ASA zero days exploited in wild: NCSC says “pull the power plug” to avoid persistence Four months of exploitation in the wild? Deep joy...
vulnerabiities Two zero days exploited weekly: GPU drivers, browsers targeted macOS goes apparently untouched, says Google, despite iOS exploits that do impact the Apple operating system.
Members only Ivanti 13,000 unpatched Ivanti appliances exposed as attacks escalate, firmware analysis shocks users. “Security” product shipped with a 13-year-old, unsupported base OS and software libraries with 973 vulnerabilities; 111 of which have publicly known exploits available.
Fortinet Fortinet patches MORE pre-auth RCEs, with exploits reported. Ivanti also slips out a fresh VPN fix... "Disable SSL VPN (disable webmode is NOT a valid workaround..."
Qualys Bugs are turning into exploits faster than ever Vulnerabilities are turning into actively exploited flaws at a rapid pace, often within the same day. This according to research from security vendor Qualys.
cybersecurity ownCloud users could get badly owned as exploitation starts of CVSS 10 bug, with 11,000 instances exposed ownCloud claims 200,000 installations, 600 enterprise customers, and 200 million users with customers including the European Commission.