CISA said its new emergency directive for Ivanti zero-days is “based on widespread exploitation of vulnerabilities by multiple threat actors."
Threat actors exploited a critical-severity VMware flaw for almost two years before patches were released in October.
Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.
The Russian APT known as COLDRIVER is using a new backdoor called SPICA in phishing campaigns against NGOs and governments.
Flaws in Citrix NetScaler and ADC Gateway have historically been targeted by threat actors, though researchers don't believe the impact of these two bugs to match that of CitrixBleed.