Patch/Configuration Management

Most Recent

RCE Exploit Uncovered in Ivanti VPN After Silent Patch Oversight

ChannelE2E StaffApril 14, 2025

RCE Exploit Uncovered in Ivanti VPN After Silent Patch Oversight

Vulnerability Management

Unauthenticated RCE Possible With Critical Ingress NGINX Flaw

ChannelE2E StaffMarch 25, 2025

Wiz reports that nearly 43% of cloud environments could be compromised by NGINX flaw.

Homepage of Apache website on the display of PC

Vulnerability Management

Attacks Exploiting Critical Apache Tomcat Flaw Under Way

ChannelE2E StaffMarch 18, 2025

Wallarm researchers say the attacks are easy to execute and require no authentication.

Vulnerability Management

Three Actively-Exploited VMware Bugs Addressed By Broadcom

ChannelE2E StaffMarch 5, 2025

Broadcom advises security teams to apply the patches right away.

Vulnerability Management

CISA Adds Critical Microsoft, Synacor Zero-Days to KEV List

ChannelE2E StaffFebruary 27, 2025

CISS urges organizations to immediately patch the critical Microsoft and Synacor Zimbra bugs.

The United States Treasury Department building in Washington, D.C.

Vulnerability Management

New PostgreSQL Zero-Day Potentially Leveraged in BeyondTrust Attacks

ChannelE2E StaffFebruary 14, 2025

SecurityWeek reports that open-source database management system PostgreSQL has been impacted by a new zero-day flaw, tracked as CVE-2025-1094, which has been leveraged as part of the attacks against vulnerable BeyondTrust Remote Support systems that impacted the U.S. Treasury Department.

Real Php code developing screen. Programing workflow abstract algorithm concept. Lines of Php code visible under magnifying lens.

Vulnerability Management

Active Exploitation of Years-old ThinkPHP, ownCloud Bugs Spike

ChannelE2E StaffFebruary 13, 2025

BleepingComputer reports that attacks leveraging old critical ThinkPHP Framework and ownCloud file sharing and syncing platform vulnerabilities to facilitate arbitrary operating system command execution and data compromise have surged in recent days.

Critical SonicWall SMA1000 bug patched amid active exploitation. (SonicWall)

Vulnerability Management

Critical SonicWall SMA1000 Flaw Patched Amid Active Exploitation

ChannelE2E StaffJanuary 24, 2025

Critical 9.8 SonicWall SMA1000 bug patched amid active exploitation in the wild.

Patch/Configuration Management

RCE Exploit Uncovered in Ivanti VPN After Silent Patch Oversight

Unauthenticated RCE Possible With Critical Ingress NGINX Flaw

Attacks Exploiting Critical Apache Tomcat Flaw Under Way

Three Actively-Exploited VMware Bugs Addressed By Broadcom

CISA Adds Critical Microsoft, Synacor Zero-Days to KEV List

New PostgreSQL Zero-Day Potentially Leveraged in BeyondTrust Attacks

Active Exploitation of Years-old ThinkPHP, ownCloud Bugs Spike

Critical SonicWall SMA1000 Flaw Patched Amid Active Exploitation

Fast Five

Selected by the SC Media Editorial team every Tuesday.