vulnerabilities
“CVE-2024-28995 is not known to be exploited in the wild as of 9 AM ET on June 11. We expect this to change."
Security
|
May 22, 2024
"Six exploits, no configuration needed, no ports need to get opened; just straight-up RCEs, no fuss, no muss."
POCs for CVSS 10 bug are out of the bag, tens of thousands are exposed, and telemetry mitigation didn't work.
Patch? You'll need to wait until Sunday. Turn off telemetry (no, really; it's a mitigation!) and go to the pub. OK, maybe don't.
Security
|
Mar 30, 2024
Incident suggests a state actor exploiting overstretched maintainer of an "unpaid hobby project"