Content Paint
Search
Sign in
Membership

vulnerabilities

Networks  | Jul 21, 2023
Citrix zero day used to attack critical infrastructure -- IOCs and detections now available
NetScaler vulnerability, CVE-2023-3519 IOCs

Attackers dropped a webshell, collected and exfiltrated Active Directory data, then ran into some healthy obstacles...

Security  | Jul 18, 2023
Critical pre-auth RCE Citrix Gateway vulnerability is under active attack and looks bad
Critical Citrix vulnerability CVE-2023-3519 under attack

There are approximately 38,000 Citrix Gateway appliances exposed to the public internet and a whole host of internet traffic flows through Citrix ADC...

sonicwall  | Jul 14, 2023
Critical SonicWall vulnerabilities "extremely attractive" - central firewall hub needs urgent patching
Critical SonicWall vulnerabilities "extremely attractive" - central firewall hub needs urgent patching

Multiple critical unauthenticated SQL injection bugs and hard-coded credentials as well as command injection, and file upload bugs need urgent patching.

 |  MOVEit  | Jul 07, 2023
Fuzzy Thinking: Yet more critical SQL Injection bugs in MOVEIt Transfer
Fuzzy Thinking: Yet more critical SQL Injection bugs in MOVEIt Transfer

You're tired? Everyone's tired. Just patch promptly please.

 |  vulnerabilities  | Jul 03, 2023
This critical vulnerability is an “open door into your network” and being exploited. Why didn’t RUCKUS Networks register a CVE?
This critical vulnerability is an “open door into your network” and being exploited. Why didn’t RUCKUS Networks register a CVE?

CVE-2023-25717 is being exploited and affected products have been pulled into a new botnet...

MOVEit  | Jun 16, 2023
As victim count mounts, a critical new MOVEit bug emerges - with US federal agencies compromised
new MOVEit vulnerability and federal agencies hacked

Hackers "often breach the Department’s defensive perimeter and roam freely within our information systems"

Fortinet  | Jun 12, 2023
MFA is no protection against this critical new Fortinet vulnerability, CVE-2023-27997
MFA is no protection against this critical new Fortinet vulnerability, CVE-2023-27997

"It is a pre-auth RCE [and] has been proven to be exploitable in a consistent manner; we found it during a Red Team engagement and have exploited it remotely..."

News  | Jun 05, 2023
UPDATED: File transfer software under active attack. Banks, gov't hit as CVE, new IOCs released
UPDATED: File transfer software under active attack. Banks, gov't hit as CVE, new IOCs released

Admins should urgently modify firewall rules to deny HTTP and HTTPs traffic to MOVEit Transfer on ports 80 and 443. (Also, can we start fuzzing for SQL Injection properly, please?)

Security  | Apr 10, 2023
Known exploited list: 15 million systems still exposed
Known exploited list: 15 million systems still exposed

... and probably shot to high heaven with malware.

Interviews, insight, intelligence, and exclusive events for digital leaders.

© 2025 The Stack
©  2025 The Stack

Search the site
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Great! You've successfully signed up.
Great! You've successfully signed up.
Welcome back! You've successfully signed in.
Success! You now have access to additional content.