X-Industry

zero day (2)

Fixes for Zero-Day as Attackers Swarm VPN Vulnerability

Palo Alto Networks has released fixes for a zero-day vulnerability affecting its GlobalProtect VPN product that is being targeted following its disclosure last week. Hotfixes for the vulnerability labeled: CVE-2024-3400, were recently published, as promised in an urgent notice about the bug on 12 April. The zero-day carries the highest severity score possible of 10.[1]

Security company Volexity, which Palo Alto credited with discovering the bug, said it “is highly likely” the attacker behind t

Zero-Day Exploit in Govt Attacks

Fortinet warns that a recently addressed FortiOS vulnerability has been exploited by a sophisticated threat actor in highly targeted attacks against governmental and government-related entities. Patched last week, the bug is tracked as CVE-2022-41328 and is described as a medium-severity path traversal issue leading to command execution. When it announced the availability of fixes, Fortinet failed to mention that this was actually a zero-day vulnerability.[1] “An improper limitation of a path

#xg { position:relative;top:120px; } #xn_bar { top:120px; }

Hello, you need to enable JavaScript to use Red Sky Alliance.

Please check your browser settings or contact your system administrator.

Note: this page contains paid content.