Text4Shell flaw undergoing reanalysis
NIST says CVE-2022-42889 in Apache Commons Text has been modified [300 words] What: NIST has updated its entry in the National Vulnerability Database pertaining to the Text4Shell vulnerability in Apache Commons Text (CVE-2022-42889). According to it, the vulnerability is undergoing reanalysis—something that happens when new details emerge about a flaw or when there’s reason to […]
Read MoreAttackers actively exploiting VMware flaw that CISA deemed as posing “unacceptable risk” in May
Multiple campaigns are using CVE-2022-22954 to drop ransomware, coin miners and Mirai [299 words]. What: Multiple malicious campaigns are actively targeting a previously disclosed and now patched remote code execution vulnerability in VMware Workspace ONE Access and Identity Manager (CVE-2022-22954). Researchers from Fortinet’s FortiGuard Labs on Thursday said they had observed threat actors exploiting the […]
Read More