• Kaspersky

Q3 2024 saw multiple vulnerabilities discovered in Windows and Linux subsystems that are not standard for cyberattacks. This is because operating system developers have been releasing new security mit ... Read more

• Cybersecurity News

Century Systems Co., Ltd. has issued a critical security advisory regarding its FutureNet NXR series routers. A vulnerability, tracked as CVE-2024-50357 and assigned a CVSS score of 9.8 (indicating a ... Read more

• TheCyberThrone

Welcome to TheCyberThrone most exploited vulnerabilities review. This review is for the month of October 2024CVE-2024-21762: Fortinet FortiOS: Out-of-bounds WriteCVSS 3.1 score : 9.8 CISA KEV : Y ... Read more

• Cybersecurity News

Image: DreyAndThree critical remote code execution (RCE) vulnerabilities impacting CyberPanel, a widely used web hosting control panel, are under active exploitation. Threat actors are leveraging thes ... Read more

• Cybersecurity News

Image: ThreatFabricThreatFabric released a report detailing advancements in the LightSpy implant, an iOS spyware first identified in 2020, which has evolved into a more complex and damaging tool. The ... Read more

• Cybersecurity News

Security researchers Ofek Itach and Yakir Kadkoda from Aqua Security’s Team Nautilus uncovered a critical vulnerability in the AWS Cloud Development Kit (CDK) that could lead to a full account takeove ... Read more

• Cybersecurity News

Akamai researcher Stiv Kupchik published the technical details and a proof-of-concept (PoC) exploit code for a critical Elevation of Privilege (EoP) vulnerability, CVE-2024-43532, in Microsoft’s Remot ... Read more

• Cybersecurity News

A critical security vulnerability (CVE-2024-9264) has been discovered in Grafana, the popular open-source platform for monitoring and observability. This vulnerability, with a CVSS v3.1 score of 9.9, ... Read more

• Cybersecurity News

In a recent security advisory, Broadcom disclosed a significant SQL injection vulnerability (CVE-2024-38814) affecting VMware HCX, a key component used in multi-cloud infrastructures to enable applica ... Read more

• Cybersecurity News

Rittal, a leading provider of industrial automation solutions, has addressed multiple vulnerabilities in their IoT Interface and CMC III Processing Unit. Discovered by Johannes Kruchem of SEC Consult ... Read more

• security.nl

Ruim tweehonderd Zimbra-mailservers in Nederland missen een beveiligingsupdate voor een op grote schaal aangevallen kritieke kwetsbaarheid, zo meldt The Shadowserver Foundation op basis van eigen onde ... Read more

• Cybersecurity News

Renowned security researcher Renniepak, the founder of Hacker Hideout, has launched an open-source tool called CSP Bypass. This tool is designed to assist ethical hackers and security researchers in i ... Read more

• Cybersecurity News

Image: The Shadowserver FoundationEnterprise security firm Proofpoint has issued a critical warning regarding active exploitation attempts against Synacor’s Zimbra Collaboration platform. A recently d ... Read more

• TheCyberThrone

If you have any Apple devices running iOS 18, then make sure they have the latest patches installed.Apple has released an urgent iOS 18.0.1 and iPadOS 18.0.1 updates to fix two vulnerabilities, respec ... Read more

• Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: October 2024 Patch Tuesday forecast: Recall can be recalled October arrived, and Microsoft started the ... Read more

• TheCyberThrone

Security researcher Metin Yunus Kandemir have released the technical details and a PoC exploit that reveals a critical information disclosure flaw in Microsoft Office. This vulnerability, which affect ... Read more

• TheCyberThrone

The US CISA has added Synacor Zimbra vulnerability to its Known Exploited Vulnerabilities Catalog based on the evidence of active exploitation.The vulnerability tracked as CVE-2024-45519 with a CVSS s ... Read more

• The Cyber Express

Cyble researchers had a busy week, investigating 19 vulnerabilities in the week ended Oct.1 and flagging eight of them as high priority. Cyble’s weekly IT vulnerability report also noted that research ... Read more

• Cybersecurity News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory regarding two critical vulnerabilities in the TEM Opera Plus FM Family Transmitter products, widely used in crit ... Read more

• The Cyber Express

A critical remote code execution (RCE) vulnerability in Zimbra email servers is under active attack, and users are urged to patch immediately. Zimbra is already a popular target for hackers – CISA’s K ... Read more

• Ars Technica

Attackers are actively exploiting a critical vulnerability in mail servers sold by Zimbra in an attempt to remotely execute malicious commands that install a backdoor, researchers warn. The vulnerabil ... Read more

• Ars Technica

Attackers are actively exploiting a critical vulnerability in mail servers sold by Zimbra in an attempt to remotely execute malicious commands that install a backdoor, researchers warn. The vulnerabil ... Read more

• BleepingComputer

Hackers are actively exploiting a recently disclosed RCE vulnerability in Zimbra email servers that can be triggered simply by sending specially crafted emails to the SMTP server. The Zimbra remote co ... Read more

• security.nl

Aanvallers maken actief misbruik van een kwetsbaarheid waardoor het mogelijk is om commando's op Zimbra-mailservers uit te voeren, zo waarschuwt securitybedrijf Proofpoint. Zimbra kwam vorige maand me ... Read more

• Help Net Security

Attackers are actively exploiting CVE-2024-45519, a critical Zimbra vulnerability that allows them to execute arbitrary commands on vulnerable installations. Proofpoint’s threat researchers say that t ... Read more

• The Register

"Patch yesterday" is the advice from infosec researchers as the latest critical vulnerability affecting Zimbra mail servers is now being mass-exploited. The remote code execution vulnerability (CVE-20 ... Read more

• The Hacker News

Email Security / Vulnerability Cybersecurity researchers are warning about active exploitation attempts targeting a newly disclosed security flaw in Synacor's Zimbra Collaboration. Enterprise security ... Read more

• Cybersecurity News

Image: ptswarmZimbra, one of the most widely used email and collaboration platforms globally, has recently been identified as vulnerable to a critical security flaw that could allow attackers to take ... Read more

• Dark Reading

Source: Color4260 via ShutterstockAttackers are actively targeting a severe remote code execution vulnerability that Zimbra recently disclosed in its SMTP server, heightening the urgency for affected ... Read more