958 Results for:CVE

  • Sort by: 

CVE volumes set to increase 25% this year

By Alex Scroxton 21 Feb 2024

The number of reported Common Vulnerabilities and Exposures is likely to grow significantly in 2024, hitting a new high of almost 35,000, according to Coalition, a cyber insurance specialist Read More

Mitre breached by nation-state threat actor via Ivanti flaws

By Alexander Culafi 22 Apr 2024

An unnamed nation-state threat actor breached Mitre through two Ivanti Connect Secure zero-day vulnerabilities, CVE-2023-46805 and CVE-2024-21887, disclosed earlier this year. Read More

Apple discloses 2 iOS zero-day vulnerabilities

By Alexander Culafi 06 Mar 2024

CVE-2024-23225 and CVE-2024-23296, which bypass kernel memory protections, mark the second and third zero-day vulnerabilities that Apple has disclosed and patched this year. Read More

SQL injection vulnerability in Fortinet software under attack

By Arielle Waldman 26 Mar 2024

Fortinet and CISA confirmed CVE-2023-48788 is being actively exploited. But the Shadowserver Foundation found that many vulnerable instances remain online. Read More

Apple issues emergency patches for 3 zero-day bugs

By Alexander Culafi 22 Sep 2023

Apple said CVE-2023-41992, CVE-2023-41991 and CVE-2023-41993 -- all reported by Citizen Lab and Google researchers -- might have been exploited against versions of iOS before 16.7. Read More

Exploitation activity increasing on Fortinet vulnerability

By Arielle Waldman 18 Mar 2024

The Shadowserver Foundation recently saw an increase in exploitation activity for CVE-2024-21762, two days after a proof-of-concept exploit was published. Read More

Flaws in legacy D-Link NAS devices under attack

By Arielle Waldman 08 Apr 2024

Internet scans show threat actors are targeting CVE-2024-3273 in thousands of end-of-life D-Link NAS devices, and exploitation requires no authentication. Read More

Attacks begin on critical Atlassian Confluence vulnerability

By Arielle Waldman 23 Jan 2024

Exploitation activity for CVE-2023-22527 marks the third time in four months that a critical Atlassian Confluence flaw has gained threat actors' attention. Read More

Chinese threat group exploited VMware vulnerability in 2021

By Arielle Waldman 19 Jan 2024

After VMware confirmed that CVE-2023-34048 had been exploited, Mandiant attributed the activity to a China-nexus threat group and revealed that exploitation began in late 2021. Read More

LockBit observed exploiting critical 'Citrix Bleed' flaw

By Arielle Waldman 15 Nov 2023

The Financial Services Information Sharing and Analysis Center warned that LockBit ransomware actors are exploiting CVE-2023-4966, also known as Citrix Bleed. Read More