Feature:英文文章
@Pikachu

Exploit Released for Cisco IOS XE Zero-day Vulnerability

Cisco was reported with a critical vulnerability last week, which has been actively exploited by threat actors in the wild. The vulnerability was assigned with the CVE-2023-20198 and was given a severity rating of 10.0 (Critical) ...
  • 0
  • 20
  • 0
  • 2
@Pikachu

SideCopy APT group Exploiting WinRAR Zero-Day to Deliver Ares RAT

SideCopy, the Pakistani-based threat actor, has been using the WinRAR vulnerability (CVE-2023-38831) to target Indian government entities for delivering multiple RATs (Remote Access Trojans) like AllaKore RAT, Ares RAT, and DRat. ...
  • 0
  • 21
  • 0
  • 2
@Pikachu

MOVEit Hackers Turn to SysAid Servers Zero-Day Vulnerability

As previously reported, SysAid disclosed a zero-day issue affecting on-premises SysAid servers. The vulnerability was found to be a path traversal vulnerability and was given CVE-2023-47426. Additionally, SysAid stated that th ...
  • 0
  • 23
  • 0
  • 1
@Pikachu

Hackers Exploiting Zimbra 0-day to Attack Government Organizations

Zimbra Collaboration is an open-source solution software suite with an email server and web client for collaboration.  Over 5,000 companies and public sector users, along with hundreds of millions of end-users in more than 140 ...
  • 0
  • 21
  • 0
  • 2
@Pikachu

Apple Urgently Patches Zero-day Flaw Exploited in the Wild

Apple has released an emergency security update for patching two actively exploited zero-day vulnerabilities on iOS. The vulnerabilities were discovered earlier this month and are tracked as CVE-2023-42916, and CVE-2023-42917 aff ...
  • 0
  • 20
  • 0
  • 1
@Pikachu

Google Chrome Zero-day Exploited in the Wild: Patch Now!

Google has released urgent upgrades to fix the Chrome zero-day high-severity vulnerability that has been widely exploited, which could lead to software crashes or arbitrary code execution. To address the actively exploited zer ...
  • 0
  • 19
  • 0
  • 1
@Pikachu

Hackers launched 250,000+ Attacks to Exploit Ivanti VPN 0-Day

Ivanti Connect Secure vulnerabilities were disclosed in January 2024 as a potential gateway for threat actors to penetrate corporate networks. The two vulnerabilities, CVE-2023-46805 and CVE-2024-21887 were associated with au ...
  • 0
  • 19
  • 0
  • 3
@Pikachu

Lazarus Hackers Exploited Windows kernel 0-day In The Wild

The Lazarus threat group has been exploiting a Microsoft vulnerability associated with Windows Kernel Privilege Escalation to establish a kernel-level read/write primitive. This vulnerability was previously unknown which exis ...
  • 0
  • 20
  • 0
  • 3
@Pikachu

$30 Million Bounty Rewards For Android, iOS, & Chrome Zero-day

This year, Crowdfense is expanding its scope to encompass additional major research fields like Enterprise Software, WiFi/Baseband, and Messengers and is proposing a larger 30 million USD acquisition program. Crowdfense is the ...
  • 0
  • 19
  • 0
  • 1