Fallout from latest Ivanti zero-days spreads to nearly 100 victims
Shadowserver scans have identified 86 compromised instances, and researchers warn multiple threat groups are involved.
Advertisement
Shadowserver
Ivanti’s EPMM is under active attack, thanks to two critical zero-days
Limited attacks occurred prior to Ivanti’s disclosure, followed by mass exploitation by multiple threat groups. More than 1,400 potentially vulnerable instances remain exposed.
MongoBleed defect swirls, stamping out hope of year-end respite
The high-severity vulnerability is under active exploitation and affects many versions of MongoDB, a nearly ubiquitous open-source database.
Attacks pinned to critical React2Shell defect surge, surpass 50 confirmed victims
Researchers warn that half of the exposed vulnerable instances remain unpatched as in-the-wild exploitation grows rapidly.
Operation Endgame targets malware networks in global crackdown
Rhadamanthys, VenomRAT, and the Elysium botnet were targeted in the takedowns.
Attackers bypass patch in deprecated Windows Server update tool
Microsoft addressed the critical vulnerability earlier this month, but had to issue an emergency update to resolve issues it previously missed.
Advertisement
Interpol-led crackdown disrupts cybercrime networks in Africa that caused $485 million in losses
Operation Serengeti 2.0 dismantled almost 11,500 malicious infrastructures between June and August. Officials arrested more than 1,200 alleged cybercriminals.
Botnet serving as ‘backbone’ of malicious proxy network taken offline
Lumen Technology’s Black Lotus Labs took the ngioweb botnet and NSOCKS proxy offline Tuesday.
Tens of thousands of IPs vulnerable to Fortinet flaw dubbed ‘must patch’ by feds
The Shadowserver Foundation put the figure at around 87,000 for a vulnerability rated as critical and first discovered in February.