vulnerabilities

PAN-OS vuln mitigation howler: “Disabling telemetry” no help

POCs for CVSS 10 bug are out of the bag, tens of thousands are exposed, and telemetry mitigation didn't work.

PAN-OS bug CVE-2024-3400

Patch? You'll need to wait until Sunday. Turn off telemetry (no, really; it's a mitigation!) and go to the pub. OK, maybe don't.

xz-utils GitHub repository disabled as Linux maintainers assess blast radius of backdoor, earlier commits

Incident suggests a state actor exploiting overstretched maintainer of an "unpaid hobby project"

Password-leaking Ubuntu bug sat silent for 11 years

A newly discovered Linux bug could allow for password leaks. Worse yet, it has sat undiscovered in the OS for the last 11 years.

Fortinet warns on critical SQL Injection bug after NCSC disclosure

More pre-auth RCE bugs in Fortinet appliances? Colour us shocked!

CI/CD platform TeamCity exposed to critical pre-auth RCE bug, amid disclosure spat

JetBrains' platform "a suitable vector to position an attacker to perform a supply chain attack" if compromised, warns Rapid7.

lockbit connectwise attack

"The executable in question was built using the LockBit 3 ransomware builder tool leaked in 2022, so this particular sample may not have originated with the actual LockBit developers"

screenconnect vulnerability connectwise cvss 10

"There might be active exploitation attempts across common AWS IP space"

February’s Patch Tuesday brings exploited zero days, Exchange Server headaches

As a major Exchange Service update lands, Redmond admits "it is possible that some functionality may break after installing CU14..."
