Attacks on WinRAR vulnerability continue

Anyone who has WinRAR on their computer should ensure they install the latest version. Google warns of active attacks.

CISA orders feds to patch Gogs RCE flaw exploited in zero-day attacks

CISA has ordered government agencies to secure their systems against a high-severity Gogs vulnerability that was exploited in zero-day attacks.
CSOonline

Mitel MiCollab VoIP authentication bypass opens new attack paths

Researchers released a proof-of-concept exploit for a path traversal flaw in the enterprise VoIP suite that, coupled with an arbitrary file read issue, can give attackers access to protected files, ...
Bleeping Computer

Ivanti warns of another critical CSA flaw exploited in attacks

Today, Ivanti warned that threat actors are exploiting another Cloud Services Appliance (CSA) security flaw in attacks targeting a limited number of customers. Tracked as CVE-2024-8963, this admin ...