Threat actors may have exploited a zero-day in older iPhones, Apple warns.
Microsoft fixed two zero-day bugs exploited in malware attacks.
Threat actors actively exploit JetBrains TeamCity flaws to deliver malware.
Recent DarkGate campaign exploited Microsoft Windows zero-day.
Five Eyes alliance warns of attacks exploiting known Ivanti Gateway flaws.
Multiple malware used in attacks exploiting Ivanti VPN flaws.
Ivanti warns of a new actively exploited zero-day.
Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware.
Threat actors exploit Apache ActiveMQ flaw to deliver the Godzilla Web Shell.
Citrix warns admins to immediately patch NetScaler for actively exploited zero-days.
Phemedrone info stealer campaign exploits Windows smartScreen bypass.
Malware exploits undocumented Google OAuth endpoint to regenerate Google cookies.
Operation Blacksmith: Lazarus exploits Log4j flaws to deploy DLang malware.
Threat actors breached US govt systems by exploiting Adobe ColdFusion flaw.
Threat actors started exploiting critical ownCloud flaw CVE-2023-49103.
Threat actors actively exploit F5 BIG-IP flaws CVE-2023-46747 and CVE-2023-46748.
Threat actors have been exploiting CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices since August.
Large-scale Citrix NetScaler Gateway credential harvesting campaign exploits CVE-2023-3519.
Phishing campaign targeted US executives exploiting a flaw in Indeed job search platform.
UNC4841 threat actors hacked US government email servers exploiting Barracuda ESG flaw.
This Cyber News was published on securityaffairs.com. Publication date: Sun, 26 May 2024 19:13:08 +0000