MUST READ. Threat actors actively exploit D-Link DIR-859 router flaw CVE-2024-0769.
CISA adds Oracle WebLogic Server flaw to its Known Exploited Vulnerabilities catalog.
Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw.
Microsoft fixed two zero-day bugs exploited in malware attacks.
Critical Fortinet's FortiClient EMS flaw actively exploited in the wild.
PoC exploit for critical RCE flaw in Fortra FileCatalyst transfer tool released.
Experts released PoC exploit for Fortra GoAnywhere MFT flaw CVE-2024-0204.
Threat actors exploit Apache ActiveMQ flaw to deliver the Godzilla Web Shell.
Threat actors started exploiting critical ownCloud flaw CVE-2023-49103.
VMware disclosed a critical and unpatched authentication bypass flaw in VMware Cloud Director Appliance.
Critical Confluence flaw exploited in ransomware attacks.
CISA adds Cisco IOS XE flaw to its Known Exploited Vulnerabilities catalog.
Multiple APT groups exploited WinRAR flaw CVE-2023-38831.
CISA adds Adobe Acrobat Reader flaw to its Known Exploited Vulnerabilities catalog.
Microsoft Patch Tuesday updates for October 2023 fixed three actively exploited zero-day flaws.
Multiple experts released exploits for Linux local privilege escalation flaw Looney Tunables.
Apple fixed the 17th zero-day flaw exploited in attacks.
Phishing campaign targeted US executives exploiting a flaw in Indeed job search platform.
WS FTP flaw CVE-2023-40044 actively exploited in the wild.
US CISA added critical Apache RocketMQ flaw to its Known Exploited Vulnerabilities catalog.
This Cyber News was published on securityaffairs.com. Publication date: Mon, 01 Jul 2024 09:13:06 +0000