Skip to content

Daily Threat Intel

Menu
  • Vulnerabilities
  • Malware
  • Breaches
  • Enterprise
  • Supply Chain
  • Emerging Threats
  • Cloud
  • About us
Menu

Category: Breaches

Ivanti’s New 0-Days Now in CISA’s Exploit Catalog

Posted on October 9, 2024

Image source: Shutterstock Attacks targeting CVE-2024-9379 and CVE-2024-9380 have impacted customers running the end-of-life CSA 4.6 for which the company issued the last security fix on Sept. 10. Ivanti this week issued…

Share

CVE-2024-0204 in GoAnywhere MFT is a Ticking Time Bomb

Posted on January 24, 2024

Image source: Shutterstock More than 96% of GoAnywhere MFT assets that security vendor Tenable observed on Jan 23 were vulnerable. Mass attacks could soon begin against a critical authentication bypass flaw in…

Share

China’s UTA0178 Threat Group Backdoors 2,100 Ivanti VPN Appliances Via Recently Disclosed 0-Days

Posted on January 18, 2024

Image Source: Shutterstock Attacker stealing sensitive system data, tampering with built-in Integrity Check to hide signs of malicious activity. Multiple threat actors have joined Chinese advanced persistent threat group UTA0178 in targeting…

Share

Exploit Available for Docker Versions of ownCloud Affected by Recent Max. Severity Bug

Posted on December 1, 2023

Image credit: Shutterstock More than 4,000 ownCloud instances remain exposed to attack via CVE-2023-49103; CISA adds vuln to KEV catalog. Attack surface management vendor Onyphe has discovered a total of 4,129 Internet-connected…

Share

Cisco Recommends Orgs Apply Access Lists to HTTPS Server Feature in IOS XE to Mitigate New 0-Day Threat

Posted on October 17, 2023

Image source: : Shutterstock One security vendor says adversary has used bug to infect thousands of IOS XE devices with an implant for remote code execution. Organizations can protect against the zero-day…

Share

Actively Exploited Zero-Day Bug in Cisco IOS XE Gives Attackers Total Admin Access to Affected Devices

Posted on October 16, 2023

Image source: Shutterstock Cisco recommends that customers immediately disable HTTPS Server feature on all Internet-facing devices running the operating system till a fix or other workaround becomes available. An unknown threat actor…

Share

Patch Now: Atlassian Discloses Zero-Day Bug in Confluence Data Center and Server

Posted on October 4, 2023

Image Source: Shutterstock Several customers have reported attackers exploiting the vulnerability to create unauthorized Confluence administrator accounts and to access Confluence instances, company says. Atlassian wants organizations using its on-premises Confluence Data…

Share

North Korea’s Lazarus Group Targets Critical Infrastructure with New Malware Variant

Posted on August 24, 2023

In its third major campaign this year, North Korea’s Lazarus Group is targeting healthcare entities and infrastructure backbone companies.

Share

APT37 using South Korea stampede themed lure to exploit new IE zero-day flaw

Posted on December 8, 2022

Microsoft patched flaw after Google TAG researchers reported it to the company in October. Microsoft has patched a zero-day vulnerability in Internet Explorer’s Jscript engine after researchers from Google’s Threat Analysis Group…

Share

August intrusion into LastPass development environment results in 2nd breach

Posted on December 1, 2022

Password management company says a threat actor used information from previous breach to access customer information. When a threat actor manages to gain access to an organization’s software development environment, bad things…

Share

Posts pagination

1 2 3 Next
  • 12 Bugs in Microsoft’s April 2025 Update to Patch Now
  • NSA, CISA, Others Warn About Fast Flux Threat: Here’s Why
  • Max Severity Bug Affects MITRE Caldera Adversary Emulation Platform
  • FBI: Russia’s APT29 May Exploit These 24 vulnerabilities-Be Aware
  • Ivanti’s New 0-Days Now in CISA’s Exploit Catalog
©2025 Daily Threat Intel | Design: Newspaperly WordPress Theme