Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days.
CISA adds GitLab flaw to its Known Exploited Vulnerabilities catalog.
Nation-state actors exploited two zero-days in ASA and FTD firewalls to breach government networks.
Microsoft fixed two zero-day bugs exploited in malware attacks.
HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks.
BianLian group exploits JetBrains TeamCity bugs in ransomware attacks.
Five Eyes alliance warns of attacks exploiting known Ivanti Gateway flaws.
CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks.
Multiple malware used in attacks exploiting Ivanti VPN flaws.
Norton Healthcare disclosed a data breach after a ransomware attack.
Russia-linked APT29 group exploited WinRAR 0day in attacks against embassies.
Critical Confluence flaw exploited in ransomware attacks.
iLeakage attack exploits Safari to steal data from Apple devices.
Winter Vivern APT exploited zero-day in Roundcube webmail software in recent attacks.
CISA adds Adobe Acrobat Reader flaw to its Known Exploited Vulnerabilities catalog.
Apple fixed the 17th zero-day flaw exploited in attacks.
Atlassian Confluence zero-day CVE-2023-22515 actively exploited in attacks.
Microsoft September 2023 Patch Tuesday fixed 2 actively exploited zero-day flaws.
Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks.
Apple discloses 2 new actively exploited zero-day flaws in iPhones, Macs.
This Cyber News was published on securityaffairs.com. Publication date: Sun, 19 May 2024 14:43:05 +0000