8 matches found
AIs are Getting Better at Finding and Exploiting Internet Vulnerabilities
Really interesting blog post from Anthropic: In a recent evaluation of AI models’ cyber capabilities, current Claude models can now succeed at multistage attacks on networks with dozens of hosts using only standard, open-source tools, instead of the custom tools needed by previous generations. Th...
New TeleMessage SGNL Flaw Is Actively Being Exploited by Attackers
Hackers are exploiting a new TeleMessage SGNL flaw that exposes sensitive data. CISA warns agencies to patch or stop using it by July 22...
Researchers Drop PoC for Fortinet CVE-2025-32756, Urging Quick Patching
Researchers have released PoC for CVE-2025-32756, a severe security flaw, that is actively being exploited in Fortinet products…...
Active Exploitation of VMware Horizon Servers
This post is co-authored by Charlie Stafford, Lead Security Researcher. We will update this blog with further information as it becomes available. CVE | Vendor Advisory | AttackerKB | IVM Content | Patching Urgency | Blog's Last Update ---|---|---|---|---|--- CVE-2021-44228 | VMware Advisory |...
Active Exploitation of Apache HTTP Server CVE-2021-40438
CVE | Vendor Advisory | AttackerKB | IVM Content | Patching Urgency | Last Update ---|---|---|---|---|--- CVE-2021-40438 | Apache Advisory | AttackerKB | 09/16/2021 multiple | ASAP | December 1, 2021 14:00 ET On September 16, 2021, Apache released version 2.4.49 of HTTP Server, which included a f...
GitLab Unauthenticated Remote Code Execution CVE-2021-22205 Exploited in the Wild
CVE | Vendor Advisory | AttackerKB | IVM Content | Patching Urgency | Last Update ---|---|---|---|---|--- CVE-2021-22205 | GitLab Advisory | AttackerKB | Evaluating | ASAP | November 1, 2021 On April 14, 2021, GitLab published a security release to address CVE-2021-22205, a critical remote code...
ALERT: Critical RCE Bug in VMware vCenter Server Under Active Attack
Malicious actors are actively mass scanning the internet for vulnerable VMware vCenter servers that are unpatched against a critical remote code execution flaw, which the company addressed late last month. The ongoing activity was detected by Bad Packets on June 3 and corroborated yesterday by...
CVE-2024-6106
...