Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.
Researchers have published working exploit code for the Ivanti Sentry CVE-2023-38035 flaw.
The group reused its infrastructure in attacks against internet infrastructure and healthcare organizations in the U.S. and UK, allowing researchers to unearth details about its newest malware tools.
Ivanti on Tuesday said it “has been informed that CVE-2023-38035 was exploited after exploiting CVE-2023-35078 and CVE-2023-35081.”
The makers of WinRAR have released a new version that fixes a serious remote code execution flaw (CVE-2023-4407) in the compression utility.