Subscribe to our weekly newsletter for the latest in industry news, expert insights, dedicated information security content and online events.
The attacks exploit CVE-2023-22518, a critical flaw in Atlassian Confluence Data Center and Server
Proofpoint confirmed Kimsuky has directly contacted foreign policy experts since 2023 through seemingly benign email conversations
Ivanti has fixed two critical vulnerabilities in its Avalanche MDM product which could lead to remote code execution
Orca Security said the issue mirrors a previously identified vulnerability in Azure CLI
Kaspersky also uncovered the use of the SessionGopher script to extract saved passwords
Designated CVE-2024-3400 and with a CVSS score of 10.0, the flaw enables unauthorized actors to execute arbitrary code on affected firewalls