Content Paint
Search
Sign in
Membership

vulnerabilities

Citrix  | Jul 18, 2023
Critical pre-auth RCE Citrix Gateway vulnerability is under active attack and looks bad
Critical Citrix vulnerability CVE-2023-3519 under attack

There are approximately 38,000 Citrix Gateway appliances exposed to the public internet and a whole host of internet traffic flows through Citrix ADC...

sonicwall  | Jul 14, 2023
Critical SonicWall vulnerabilities "extremely attractive" - central firewall hub needs urgent patching
Critical SonicWall vulnerabilities "extremely attractive" - central firewall hub needs urgent patching

Multiple critical unauthenticated SQL injection bugs and hard-coded credentials as well as command injection, and file upload bugs need urgent patching.

 |  MOVEit  | Jul 07, 2023
Fuzzy Thinking: Yet more critical SQL Injection bugs in MOVEIt Transfer
Fuzzy Thinking: Yet more critical SQL Injection bugs in MOVEIt Transfer

You're tired? Everyone's tired. Just patch promptly please.

 |  vulnerabilities  | Jul 03, 2023
This critical vulnerability is an “open door into your network” and being exploited. Why didn’t RUCKUS Networks register a CVE?
This critical vulnerability is an “open door into your network” and being exploited. Why didn’t RUCKUS Networks register a CVE?

CVE-2023-25717 is being exploited and affected products have been pulled into a new botnet...

MOVEit  | Jun 16, 2023
As victim count mounts, a critical new MOVEit bug emerges - with US federal agencies compromised
new MOVEit vulnerability and federal agencies hacked

Hackers "often breach the Department’s defensive perimeter and roam freely within our information systems"

Fortinet  | Jun 12, 2023
MFA is no protection against this critical new Fortinet vulnerability, CVE-2023-27997
MFA is no protection against this critical new Fortinet vulnerability, CVE-2023-27997

"It is a pre-auth RCE [and] has been proven to be exploitable in a consistent manner; we found it during a Red Team engagement and have exploited it remotely..."

News  | Jun 05, 2023
UPDATED: File transfer software under active attack. Banks, gov't hit as CVE, new IOCs released
UPDATED: File transfer software under active attack. Banks, gov't hit as CVE, new IOCs released

Admins should urgently modify firewall rules to deny HTTP and HTTPs traffic to MOVEit Transfer on ports 80 and 443. (Also, can we start fuzzing for SQL Injection properly, please?)

Cybersecurity  | Apr 10, 2023
Known exploited list: 15 million systems still exposed 
Known exploited list: 15 million systems still exposed 

... and probably shot to high heaven with malware.

Cybersecurity  | Mar 16, 2023
As CVE-2023-23397 exploits proliferate, worry mounts
As CVE-2023-23397 exploits proliferate, worry mounts

Security experts are warning that a critical Microsoft Outlook exploit is trivial to deploy and “will likely be leveraged imminently by actors for espionage purposes or financial gain” – after Ukrainian cybersecurity authorities disclosed CVE-2023-23397, a critical vulnerability that requires no user interaction to exploit. As The Stack reported, the critical

Interviews, Insight, Intelligence for Hungry Folks

© 2025 The Snack
©  2025 The Snack

Search the site
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Great! You've successfully signed up.
Great! You've successfully signed up.
Welcome back! You've successfully signed in.
Success! You now have access to additional content.