Sign in Subscribe

Exploited in the wild

Akira Ransomware Campaign Exploits SonicWall SSLVPN Vulnerability

Akira Ransomware Campaign Exploits SonicWall SSLVPN Vulnerability

Akira ransomware affiliates leverage a vulnerability (CVE-2024-40766) in SonicWall's firewall devices, compromising SSLVPN user accounts not integrated with centralized authentication solutions

Critical Zero-Day Vulnerability in Popular VPN Service Allows Remote Code Execution

Critical Zero-Day Vulnerability in Popular VPN Service Allows Remote Code Execution

The vulnerability, CVE-2023-3420, was patched in the V8 engine in June 2023. However, the WebView component within WeChat was not updated, exposing millions of users to potential attacks.

CISA Adds Three Exploited Vulnerabilities to Known Catalog

CISA Adds Three Exploited Vulnerabilities to Known Catalog

These vulnerabilities, all of which have been actively exploited, include two related to Draytek VigorConnect devices and one affecting Kingsoft WPS Office.

North Korean Threat Actor Citrine Sleet Exploits Chromium Zero-Day Vulnerability

North Korean Threat Actor Citrine Sleet Exploits Chromium Zero-Day Vulnerability

Citrine Sleet, a North Korean threat actor tracked by Microsoft, has been involved in various cyber operations targeting the financial sector. The group is notorious for its sophisticated social engineering tactics

Godzilla Fileless Backdoor Exploits CVE-2023-22527 in Atlassian Confluence

Godzilla Fileless Backdoor Exploits CVE-2023-22527 in Atlassian Confluence

The Godzilla webshell, a Chinese-language malware, leverages AES encryption to evade detection and remains memory-resident, making it particularly challenging for legacy anti-virus solutions to detect.

Cryptojacking Campaign Exploits CVE-2023-22527 in Atlassian Confluence

Cryptojacking Campaign Exploits CVE-2023-22527 in Atlassian Confluence

On August 28, 2024, Trend Micro released a report detailing the exploitation of CVE-2023-22527, a critical vulnerability in Atlassian Confluence. This vulnerability, initially disclosed on January 16, 2024, affects Confluence Data Center and Confluence Server.

New Mirai Variant Exploits Zero-Day in AVTECH Cameras: CVE-2024-7029

New Mirai Variant Exploits Zero-Day in AVTECH Cameras: CVE-2024-7029

Akamai Security Intelligence and Response Team (SIRT) released a detailed report on a new botnet campaign that exploits a previously undisclosed zero-day vulnerability in AVTECH CCTV cameras. The vulnerability, CVE-2024-7029, enables remote code execution (RCE).