Bleeping Computer

Exploit released for critical Cisco IOS XE flaw, many hosts still hacked

Public exploit code is now available for the critical Cisco IOS XE vulnerability tracked as CVE-2023-20198 that was leveraged as a zero-day to hack tens of thousands of devices. Cisco released patches ...
Bleeping Computer

Exploit for critical Fortra FileCatalyst Workflow SQLi flaw released

The Fortra FileCatalyst Workflow is vulnerable to an SQL injection vulnerability that could allow remote unauthenticated attackers to create rogue admin users and manipulate data on the application ...
TechRepublic

Threat Actors Are Exploiting Vulnerabilities Faster Than Ever

New research by cybersecurity firm Mandiant provides eyebrow-raising statistics on the exploitation of vulnerabilities by attackers, based on an analysis of 138 different exploited vulnerabilities ...
Ars Technica

Can a $10 Raspberry Pi break your PC’s disk encryption? It’s complicated.

Last week, a video by security researcher StackSmashing demonstrated an exploit that could break Microsoft’s BitLocker drive encryption in “less than 50 seconds” using a custom PCB and a Raspberry Pi ...
Ars Technica

Code found online exploits LogoFAIL to install Bootkitty Linux backdoor

Researchers have discovered malicious code circulating in the wild that hijacks the earliest stage boot process of Linux devices by exploiting a year-old firmware vulnerability when it remains ...
Dark Reading

Researchers Release Details of New RCE Exploit Chain for SharePoint

Researchers who discovered two critical vulnerabilities in Microsoft SharePoint Server have released details of an exploit they developed that chains the two vulnerabilities together to enable remote ...