Latest Actively Exploited news

Google Chrome emergency update fixes 7th zero-day exploited in 2023

Google has fixed the seventh Chrome zero-day vulnerability this year in an emergency security update released today to counter ongoing exploitation in attacks.
- Sergiu Gatlan
- November 28, 2023
- 04:24 PM
- 0
Hackers start exploiting critical ownCloud flaw, patch now

Hackers are exploiting a critical ownCloud vulnerability tracked as CVE-2023-49103 that exposes admin passwords, mail server credentials, and license keys in containerized deployments.
- Bill Toulas
- November 28, 2023
- 11:14 AM
- 0
New botnet malware exploits two zero-days to infect NVRs and routers

A new Mirai-based malware botnet named 'InfectedSlurs' has been exploiting two zero-day remote code execution (RCE) vulnerabilities to infect routers and video recorder (NVR) devices.
- Bill Toulas
- November 22, 2023
- 12:39 PM
- 0
Kinsing malware exploits Apache ActiveMQ RCE to plant rootkits

The Kinsing malware operator is actively exploiting the CVE-2023-46604 critical vulnerability in the Apache ActiveMQ open-source message broker to compromise Linux systems.
- Bill Toulas
- November 20, 2023
- 11:54 AM
- 0
CISA warns of actively exploited Windows, Sophos, and Oracle bugs

The U.S. Cybersecurity & Infrastructure Security Agency has added to its catalog of known exploited vulnerabilities (KEV) three security issues that affect Microsoft devices, a Sophos product, and an enterprise solution from Oracle.
- Bill Toulas
- November 17, 2023
- 09:08 AM
- 0
LockBit ransomware exploits Citrix Bleed in attacks, 10K servers exposed

The Lockbit ransomware attacks use publicly available exploits for the Citrix Bleed vulnerability (CVE-2023-4966) to breach the systems of large organizations, steal data, and encrypt files.
- Bill Toulas
- November 14, 2023
- 03:03 PM
- 0
CISA warns of actively exploited Juniper pre-auth RCE exploit chain

CISA warned federal agencies today to secure Juniper devices on their networks by Friday against four vulnerabilities now used in remote code execution (RCE) attacks as part of a pre-auth exploit chain.
- Sergiu Gatlan
- November 13, 2023
- 12:23 PM
- 0
Microsoft: SysAid zero-day flaw exploited in Clop ransomware attacks

Threat actors are exploiting a zero-day vulnerability in the service management software SysAid to gain access to corporate servers for data theft and to deploy Clop ransomware.
- Bill Toulas
- November 09, 2023
- 09:28 AM
- 2
HelloKitty ransomware now exploiting Apache ActiveMQ flaw in attacks

A remote code execution (RCE) flaw impacting Apache ActiveMQ has been under active exploitation by threat actors who use HelloKitty ransomware payloads.
- Bill Toulas
- November 02, 2023
- 12:21 PM
- 0
Hackers use Citrix Bleed flaw in attacks on govt networks worldwide

Threat actors are leveraging the 'Citrix Bleed' vulnerability, tracked as CVE-2023-4966, to target government, technical, and legal organizations in the Americas, Europe, Africa, and the Asia-Pacific region.
- Bill Toulas
- November 01, 2023
- 02:46 PM
- 0
Hackers exploit recent F5 BIG-IP flaws in stealthy attacks

F5 is warning BIG-IP admins that devices are being breached by "skilled" hackers exploiting two recently disclosed vulnerabilities to erase signs of their access and achieve stealthy code execution.
- Bill Toulas
- November 01, 2023
- 10:52 AM
- 0
Citrix Bleed exploit lets hackers hijack NetScaler accounts

A proof-of-concept (PoC) exploit is released for the 'Citrix Bleed' vulnerability, tracked as CVE-2023-4966, that allows attackers to retrieve authentication session cookies from vulnerable Citrix NetScaler ADC and NetScaler Gateway appliances.
- Bill Toulas
- October 25, 2023
- 11:26 AM
- 0
Cisco discloses new IOS XE zero-day exploited to deploy malware implant

Cisco disclosed a new high-severity zero-day (CVE-2023-20273) today, actively exploited to deploy malicious implants on IOS XE devices compromised using the CVE-2023-20198 zero-day unveiled earlier this week.
- Sergiu Gatlan
- October 20, 2023
- 06:12 PM
- 0
Google links WinRAR exploitation to Russian, Chinese state hackers

Google says that several state-backed hacking groups have joined ongoing attacks exploiting a high-severity vulnerability in WinRAR, a compression software used by over 500 million users, aiming to gain arbitrary code execution on targets' systems.
- Sergiu Gatlan
- October 18, 2023
- 11:00 AM
- 0
Recently patched Citrix NetScaler bug exploited as zero-day since August

A critical vulnerability tracked as CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices has been actively exploited as a zero-day since late August, security researchers announced.
- Bill Toulas
- October 18, 2023
- 07:01 AM
- 1
Over 10,000 Cisco devices hacked in IOS XE zero-day attacks

Attackers have exploited a recently disclosed critical zero-day bug to compromise and infect more than 10,000 Cisco IOS XE devices with malicious implants.
- Sergiu Gatlan
- October 17, 2023
- 09:15 AM
- 0
Hackers exploit critical flaw in WordPress Royal Elementor plugin

A critical severity vulnerability impacting Royal Elementor Addons and Templates up to version 1.3.78 is reported to be actively exploited by two WordPress security teams.
- Bill Toulas
- October 16, 2023
- 03:08 PM
- 1
Microsoft: State hackers exploiting Confluence zero-day since September

Microsoft says a Chinese-backed threat group tracked as 'Storm-0062' (aka DarkShadow or Oro0lxy) has been exploiting a critical privilege escalation zero-day in the Atlassian Confluence Data Center and Server since September 14, 2023.
- Bill Toulas
- October 11, 2023
- 10:29 AM
- 0
Hackers hijack Citrix NetScaler login pages to steal credentials

Hackers are conducting a large-scale campaign to exploit the recent CVE-2023-3519 flaw in Citrix NetScaler Gateways to steal user credentials.
- Bill Toulas
- October 09, 2023
- 10:45 AM
- 0
Apple emergency update fixes new zero-day used to hack iPhones

Apple released new emergency security updates on Wednesday to patch two new zero-day vulnerabilities known to be exploited in attacks.
- Sergiu Gatlan
- October 04, 2023
- 02:19 PM
- 9