-
Ivanti warns critical EPM bug lets hackers hijack enrolled devices
Ivanti fixed a critical remote code execution (RCE) vulnerability in its Endpoint Management software (EPM) that can let unauthenticated attackers hijack enrolled devices or the core server.
- January 04, 2024
- 04:37 PM
0
-
Apache OFBiz RCE flaw exploited to find vulnerable Confluence servers
A critical Apache OFBiz pre-authentication remote code execution vulnerability is being actively exploited using public proof of concept (PoC) exploits.
- December 28, 2023
- 11:20 AM
0
-
Ivanti releases patches for 13 critical Avalanche RCE flaws
Ivanti has released security updates to fix 13 critical security vulnerabilities in the company's Avalanche enterprise mobile device management (MDM) solution.
- December 20, 2023
- 01:03 PM
- 0
-
Microsoft discovers critical RCE flaw in Perforce Helix Core Server
Four vulnerabilities, one of which is rated critical, have been discovered in the Perforce Helix Core Server, a source code management platform widely used by the gaming, government, military, and technology sectors.
- December 18, 2023
- 03:49 PM
- 0
-
Hackers are exploiting critical Apache Struts flaw using public PoC
Hackers are attempting to leverage a recently fixed critical vulnerability (CVE-2023-50164) in Apache Struts that leads to remote code execution, in attacks that rely on publicly available proof-of-concept exploit code.
- December 13, 2023
- 11:19 AM
- 1
-
Sophos backports RCE fix after attacks on unsupported firewalls
Sophos opted to backport a security update for CVE-2022-3236 for end-of-life (EOL) firewall firmware versions after discovering hackers actively exploiting the flaw in attacks.
- December 12, 2023
- 12:29 PM
- 0
-
Over 1,450 pfSense servers exposed to RCE attacks via bug chain
Roughly 1,450 pfSense instances exposed online are vulnerable to command injection and cross-site scripting flaws that, if chained, could enable attackers to perform remote code execution on the appliance.
- December 12, 2023
- 09:00 AM
- 2
-
50K WordPress sites exposed to RCE attacks by critical bug in backup plugin
A critical severity vulnerability in a WordPress plugin with more than 90,000 installs can let attackers gain remote code execution to fully compromise vulnerable websites.
- December 11, 2023
- 05:46 PM
- 2
-
Over 30% of Log4J apps use a vulnerable version of the library
Roughly 38% of applications using the Apache Log4j library are using a version vulnerable to security issues, including Log4Shell, a critical vulnerability identified as CVE-2021-44228 that carries the maximum severity rating, despite patches being available for more than two years.
- December 10, 2023
- 10:35 AM
- 1
-
WordPress fixes POP chain exposing websites to RCE attacks
WordPress has released version 6.4.2 that addresses a remote code execution (RCE) vulnerability that could be chained with another flaw to allow attackers run arbitrary PHP code on the target website.
- December 07, 2023
- 03:10 PM
- 0
-
Atlassian patches critical RCE flaws across multiple products
Atlassian has published security advisories for four critical remote code execution (RCE) vulnerabilities impacting Confluence, Jira, and Bitbucket servers, along with a companion app for macOS.
- December 06, 2023
- 10:49 AM
- 0
-
"Sierra:21" vulnerabilities impact critical infrastructure routers
A set of 21 newly discovered vulnerabilities impact Sierra OT/IoT routers and threaten critical infrastructure with remote code execution, unauthorized access, cross-site scripting, authentication bypass, and denial of service attacks.
- December 06, 2023
- 01:01 AM
- 1
-
December Android updates fix critical zero-click RCE flaw
Google announced today that the December 2023 Android security updates tackle 85 vulnerabilities, including a critical severity zero-click remote code execution (RCE) bug.
- December 04, 2023
- 02:37 PM
- 0
-
New botnet malware exploits two zero-days to infect NVRs and routers
A new Mirai-based malware botnet named 'InfectedSlurs' has been exploiting two zero-day remote code execution (RCE) vulnerabilities to infect routers and video recorder (NVR) devices.
- November 22, 2023
- 12:39 PM
- 0
-
New CacheWarp AMD CPU attack lets hackers gain root in Linux VMs
A new software-based fault injection attack, CacheWarp, can let threat actors hack into AMD SEV-protected virtual machines by targeting memory writes to escalate privileges and gain remote code execution.
- November 14, 2023
- 03:34 PM
- 2
-
CISA warns of actively exploited Juniper pre-auth RCE exploit chain
CISA warned federal agencies today to secure Juniper devices on their networks by Friday against four vulnerabilities now used in remote code execution (RCE) attacks as part of a pre-auth exploit chain.
- November 13, 2023
- 12:23 PM
- 0
-
Veeam warns of critical bugs in Veeam ONE monitoring platform
Veeam released hotfixes today to address four vulnerabilities in the company's Veeam ONE IT infrastructure monitoring and analytics platform, two of them critical.
- November 06, 2023
- 04:58 PM
- 0
-
TellYouThePass ransomware joins Apache ActiveMQ RCE attacks
Internet-exposed Apache ActiveMQ servers are also targeted in TellYouThePass ransomware attacks targeting a critical remote code execution (RCE) vulnerability previously exploited as a zero-day.
- November 06, 2023
- 10:34 AM
- 0
-
New Microsoft Exchange zero-days allow RCE, data theft attacks
Microsoft Exchange is impacted by four zero-day vulnerabilities that attackers can exploit remotely to execute arbitrary code or disclose sensitive information on affected installations.
- November 03, 2023
- 11:14 AM
- 3
-
HelloKitty ransomware now exploiting Apache ActiveMQ flaw in attacks
A remote code execution (RCE) flaw impacting Apache ActiveMQ has been under active exploitation by threat actors who use HelloKitty ransomware payloads.
- November 02, 2023
- 12:21 PM
- 0
-
Remove the Theonlinesearch.com Search Redirect
Filed Under: Adware -
Remove the Smartwebfinder.com Search Redirect
Filed Under: Adware -
How to remove the PBlock+ adware browser extension
Filed Under: Adware -
Remove the Toksearches.xyz Search Redirect
Filed Under: Adware -
Remove the Smashapps.net Search Redirect
Filed Under: Adware
-
Version: 5.0.17.995M+ Downloads
-
Version: 4.14.12M+ Downloads
-
McAfee Consumer Products Removal tool
Version: NA442,274 Downloads -
Version: 8.4.0.056M+ Downloads
-
Version: 1.4.1.101724,974 Downloads
