xz-utils xz-utils Github repository disabled as Linux maintainers assess blast radius of backdoor, earlier commits , and Edward Targett March 30, 2024
Fortinet Fortinet warns on critical SQL Injection bug after NCSC disclosure , and The Stack March 13, 2024
Cybersecurity CI/CD platform TeamCity exposed to critical pre-auth RCE bug, amid disclosure spat , and The Stack March 4, 2024
ConnectWise Leaked LockBit malware deployed in ScreenConnect attacks – 600+ IPs seen attacking 8,200 instances , and The Stack February 23, 2024
vulnerabilities CVSS 10 ConnectWise vulnerability “extremely trivial to reverse and exploit” as POC lands, attacks start , and The Stack February 21, 2024
Patch Tuesday February’s Patch Tuesday brings exploited zero days, Exchange Server headaches , and Edward Targett February 14, 2024
Ivanti Ivanti 0day fest continues with fresh bugs, attacks, as CISA tells federal agencies "just disconnect" , and Edward Targett February 2, 2024
vulnerabilities Exploit released for fresh Fortra GoAnywhere bug: CVSS 9.8 and again, nasty. Patch up. , and The Stack January 24, 2024
vulnerabilities vCenter Server vulnerability went exploited for two years unnoticed. Attacks are ongoing , and Edward Targett January 19, 2024
Cybersecurity Ivanti VPN appliance exploitation now happening at scale , and The Stack January 16, 2024
vulnerabilities Pre-auth RCE zero days in Ivanti VPNs are being exploited by a Chinese APT and there won’t be a patch for weeks. Buckle up. , and Edward Targett January 10, 2024
Cybersecurity Software licensing bug percolates pre-auth RCE risk downstream to PLC-land , and The Stack January 8, 2024
Patch Tuesday A December Patch Tuesday recap: Azure Logic Apps, Power Platform get critical fix , and The Stack December 13, 2023
SolarWinds SolarWinds sued by SEC over 2019 monster hack, CISO also charged with fraud, control failures , and Edward Targett October 31, 2023
