Zerobot botnet exploits 21 vulnerabilities to breach targets
Security researchers have spotted a unique botnet dubbed Zerobot exploiting 21 IoT, network and other vulnerabilities, such as F5 BIG-IP, D-Link, Zyxel, Spring4Shell and other flaws.
CVE-2022-22965
Palo Alto Networks: Network Security Trends report highlights common RCE vulnerability exploits against web apps
Palo Alto Networks Unit 42 researchers released a new report “Network Security Trends” that highlights how attackers are exploiting remote code execution (RCE), cross-site scripting (XSS), traversal and information disclosure vulnerabilities in multiple vendor products.
Oracle Critical Patch Update for April 2022
Oracle has released its Critical Patch Update for April 2022 to include 520 vulnerability fixes across multiple products. The updates also include fixes for Log4j and Spring Framework vulnerabilities.
Cisco issues Critical security updates for Spring Framework vulnerability
Cisco has issued an updated Critical security advisory for a Spring Framework vulnerability CVE-2022-22965 that affects multiple Cisco products. The networking giant also released a security update for a Critical LAN wireless controller vulnerability.
Threat actors exploit Spring4Shell to weaponize and execute Mirai botnet
Researchers from Trend Micro have spotted threat actors exploiting the Spring4Shell vulnerability CVE-2022-22965 to weaponize and execute Mirai botnet.
Spring fixes Critical Spring Framework “Spring4Shell” and Spring Cloud Function vulnerabilities
Spring has published new security fixes for Spring Framework “Spring4Shell” and Spring Cloud Function vulnerabilities.