New TeleMessage SGNL Flaw Is Actively Being Exploited by Attackers
Hackers are exploiting a new TeleMessage SGNL flaw that exposes sensitive data. CISA warns agencies to patch or stop using it by July 22...
PT-2025-26160 · Dover Fueling Solutions · Progauge Maglink Lx Console
Name of the Vulnerable Software and Affected Versions: Dover Fueling Solutions ProGauge MagLink LX Consoles; affected versions not specified. Description: A critical issue has been identified, allowing remote attackers to gain full control over fueling station equipment without requiring...
CISA Warns of Suspected Broader SaaS Attacks Exploiting App Secrets and Cloud Misconfigs
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday revealed that Commvault is monitoring cyber threat activity targeting applications hosted in their Microsoft Azure cloud environment. "Threat actors may have accessed client secrets for Commvault's Metallic Microsoft 365...
CISA Urges Action on Potential Oracle Cloud Credential Compromise
Following reports of unauthorized access to a legacy Oracle cloud environment, CISA warns of potential credential compromise leading...
CISA Flags Actively Exploited Vulnerability in SonicWall SMA Devices
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting SonicWall Secure Mobile Access (SMA) 100 Series gateways to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The high-severity vulnerability, tracked...
CISA Warns of Active Exploitation in GitHub Action Supply Chain Compromise
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a vulnerability linked to the supply chain compromise of the GitHub Action, tj-actions/changed-files, to its Known Exploited Vulnerabilities (KEV) catalog. The high-severity flaw, tracked as CVE-2025-30066 CVSS score:...
CISA Urges Agencies to Patch Critical "Array Networks" Flaw Amid Active Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a now-patched critical security flaw impacting Array Networks AG and vxAG secure access gateways to its Known Exploited Vulnerabilities (KEV) catalog following reports of active exploitation in the wild. The vulnerabilit...
CISA Flags Two Actively Exploited Palo Alto Flaws; New RCE Attack Confirmed
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday warned that two more flaws impacting the Palo Alto Networks Expedition software have come under active exploitation in the wild. To that end, it has added the vulnerabilities to its Known Exploited Vulnerabilities (KEV)...
One More Tool Will Do It? Reflecting on the CrowdStrike Fallout
The proliferation of cybersecurity tools has created an illusion of security. Organizations often believe that by deploying a firewall, antivirus software, intrusion detection systems, identity threat detection and response, and other tools, they are adequately protected. However, this approach n...
HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any...
CISA Warning: Akira Ransomware Exploiting Cisco ASA/FTD Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched security flaw impacting Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software to its Known Exploited Vulnerabilities (KEV) catalog, following reports that it's being likely...
Hackers Exploited ColdFusion Vulnerability to Breach Federal Agency Servers
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned of active exploitation of a high-severity Adobe ColdFusion vulnerability by unidentified threat actors to gain initial access to government servers. "The vulnerability in ColdFusion (CVE-2023-26360) presents as an improper access...
golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any...
CVE-2023-3519: NetScaler (Citrix) RCE Blocked By Imperva
On July 20, CISA warned about the exploitation of an unauthenticated remote code execution vulnerability affecting NetScaler (formerly Citrix) Application Delivery Controller and NetScaler Gateway. Attackers first exploited this vulnerability in June, when unidentified hackers used this as a zero-d...
Atlassian Releases Patches for Critical Flaws Affecting Crowd and Bitbucket Products
Australian software company Atlassian has rolled out security updates to address two critical flaws affecting Bitbucket Server, Data Center, and Crowd products. The issues, tracked as CVE-2022-43781 and CVE-2022-43782, are both rated 9 out of 10 on the CVSS vulnerability scoring system...
CISA Warns of Critical Vulnerabilities in 3 Industrial Control System Software
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published three Industrial Control Systems (ICS) advisories about multiple vulnerabilities in software from ETIC Telecom, Nokia, and Delta Industrial Automation. Prominent among them is a set of three flaws affecting ETIC Telecom's...
Firewall Bug Under Active Attack Triggers CISA Warning
Software running Palo Alto Networks’ firewalls is under attack, prompting U.S. Cybersecurity and Infrastructure Security Agency (CISA) to issue a warning to public and federal IT security teams to apply available fixes. Federal agencies urged to patch the bug by September 9. Earlier this month, Pal...
A week in security (May 16 – 22)
Last week on Malwarebytes Labs: Fake reCAPTCHA forms dupe users via compromised WordPress sites; How COVID-19 fuelled a surge in malware; Why MRG-Effitas matters to SMBs; “Look what I found here” phish targets Facebook users; AirTag stalking: What is it, and how can I avoid it?; Long lost @ symbol get...
Hackers Exploiting Spring4Shell Vulnerability to Deploy Mirai Botnet Malware
The recently disclosed critical Spring4Shell vulnerability is being actively exploited by threat actors to execute the Mirai botnet malware, particularly in the Singapore region since the start of April 2022. "The exploitation allows threat actors to download the Mirai sample to the '/tmp' folder...