Research Alerts
- CVE-2024-4040: Researchers say over 1,400 CrushFTP publicly accessible servers are vulnerable. Proof-of-concept is available. Update to a fixed version as soon as possible.
- CVE-2024-3400: Research shows over 22,500 Palo Alto GlobalProtect instances are possibly vulnerable to this flaw as a public proof-of-concept is available. Immediate patching is recommended.
- CVE-2024-20359: Two zero-days exploited in the wild in ArcaneDoor campaign to deploy backdoor malware. Monitoring for new developments including publication of PoCs.
- CVE-2024-20353: Two zero-days exploited in the wild in ArcaneDoor campaign to deploy backdoor malware. Monitoring for new developments including publication of PoCs.
- CVE-2024-2389: CVSSv3 10.0 flaw in Progress Flowmon server. Public proof-of-concept now available. Monitoring for possible exploitation activity. Update to a fixed version.