One of the biggest flaws exploited by Salt Typhoon hackers has had a patch available for years
The vulnerability, nicknamed ProxyLogon, was disclosed by Microsoft in 2021, and a patch has been available for 4 years.
aha.org5d
Advisory details how cyber actors deployed vulnerabilities in attack on Ivanti cloud products
The Cybersecurity and Infrastructure Security Agency and FBI Jan. 22 released an advisory explaining how cyberthreat actors ...
Hackers are still using old Ivanti bugs to break into networks
The agencies have, once again, repeated their earlier calls for upgrades, and urged network administrators to be on the lookout for signs of compromise. By submitting your information you agree to the ...
techzine5d
Lack of patching leads to massive exploitation of Ivanti hardware
CISA, the U.S. cybersecurity agency, and the FBI report that attackers are still exploiting security vulnerabilities in ...
One of Salt Typhoon's favorite flaws still wide open on 91% of at-risk Exchange Servers
This echoes an earlier report by Trend Micro that said malware spotted in Salt Typhoon campaigns includes SnappyBee, which is ...
Infosecurity-magazine.com6d
Chained Vulnerabilities Exploited in Ivanti Cloud Service Appliances
Threat actors have been actively exploiting chained vulnerabilities in Ivanti Cloud Service Appliances (CSA), significantly ...
CISA: Hackers still exploiting older Ivanti bugs to breach networks
CISA and the FBI warned today that attackers are still exploiting Ivanti Cloud Service Appliances (CSA) security flaws ...
Ivanti zero-days chained together in at least 3 attacks, authorities warn
The vendor’s customers have confronted multiple attack sprees targeting zero-days spanning a variety of products.
The Hacker News6d
Cisco Fixes Critical Privilege Escalation Flaw in Meeting Management (CVSS 9.9)
A third vulnerability patched by Cisco is CVE-2025-20128 (CVSS score: 5.3), an integer underflow bug impacting the Object ...