Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw.
Crowdfense is offering a larger 30M USD exploit acquisition program.
Threat actors actively exploit JetBrains TeamCity flaws to deliver malware.
PoC exploit for critical RCE flaw in Fortra FileCatalyst transfer tool released.
Experts released PoC exploit for critical Progress Software OpenEdge bug.
Black Basta and Bl00dy ransomware gangs exploit recent ConnectWise ScreenConnect bugs.
Multiple malware used in attacks exploiting Ivanti VPN flaws.
Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware.
Multiple PoC exploits released for Jenkins flaw CVE-2024-23897.
Experts released PoC exploit for Fortra GoAnywhere MFT flaw CVE-2024-0204.
Threat actors exploit Apache ActiveMQ flaw to deliver the Godzilla Web Shell.
Critical Confluence flaw exploited in ransomware attacks.
Threat actors actively exploit F5 BIG-IP flaws CVE-2023-46747 and CVE-2023-46748.
Experts released PoC exploit code for Cisco IOS XE flaw CVE-2023-20198.
Experts released PoC exploit code for VMware Aria Operations for Logs flaw.
North Korea-linked APT groups actively exploit JetBrains TeamCity flaw.
Multiple experts released exploits for Linux local privilege escalation flaw Looney Tunables.
Apple fixed the 17th zero-day flaw exploited in attacks.
PoC exploit code released for CVE-2023-34039 bug in VMware Aria Operations for Networks.
Researchers released PoC exploit for Ivanti Sentry flaw CVE-2023-38035.
This Cyber News was published on securityaffairs.com. Publication date: Tue, 28 May 2024 19:43:08 +0000