| Dec 1, 2022 Flash Notice: Oracle Vulnerability Actively Exploited A patched vulnerability (CVE-2021-35587) found in Oracle’s Fusion Middleware Access Manager (OAM) is currently under active exploitation.
| Nov 18, 2022 Flash Notice: Two High-Severity Vulnerabilities Found in F5 BIG-IP and BIG-IQ Products This week, Rapid7 researchers discovered two high-severity vulnerabilities in F5 BIG-IP and BIG-IQ products running customized distribution of CentOS.
| Nov 14, 2022 Flash Notice: Citrix and VMware Disclose Critical Vulnerabilities, Could Impact Remote Workspaces This week Citrix issued patches for 3 vulnerabilities impacting their Gateway & ADC products. VMware also warned customers about 3 critical vulnerabilities
| Nov 2, 2022 Flash Notice: OpenSSL Project - Two High Severity Vulnerabilities Two critical vulnerabilities that were found in OpenSSL Project’s open-source cryptographic library have now been downgraded to high-severity.
| Oct 28, 2022 Flash Notice: Cisco VPN Vulnerabilities Exploited in the Wild This week, Cisco announced that there are two vulnerabilities affecting their AnyConnect product. They are being tracked as CVE-2020-3433 & CVE-2020-3153.
| Oct 25, 2022 Flash Notice: Windows Zero-Day Exploited - JavaScript Files Bypass Security Warnings A Windows zero-day vulnerability is allowing threat actors to use malicious stand-alone JavaScript files to bypass Mark-of-the-web security warnings.
| Oct 10, 2022 Flash Notice: Critical Fortinet Vulnerability Impacting Fortigate Firewalls and FortiProxy Web Proxies A critical Fortinet authentication bypass vulnerability tracked as CVE-2022-40684 exists in FortiGate firewalls and FortiProxy web proxies.
| Oct 3, 2022 Flash Notice: UPDATE - Microsoft Exchange Double Zero-Day Vulnerabilities There are two zero-day vulnerabilities affecting Microsoft Exchange Server 2013, 2016, and 2019: CVE-2022-41040 and CVE-2022-41082.
| Sep 28, 2022 Flash Notice: FARGO Ransomware Attacking Microsoft SQL Servers Vulnerable Microsoft SQL servers are currently being targeted by threat actors and infected with FARGO ransomware (aka Mallox & TargetCompany).
| Sep 22, 2022 Flash Notice: Update #2 - Critical Confluence Zero-Day Vulnerability Still Under Active Exploitation Although Atlassian released updates for critical Confluence vulnerability CVE-2022-26134 in June 2022, attackers are still compromising unpatched devices.
