Cybersecurity security agencies from the United States, United Kingdom, Australia, Canada and New Zealand have published the top 12 routinely exploited vulnerabilities in 2022.
The Cybersecurity and Infrastructure Security Agency (CISA) has added Telerik and Zoho vulnerabilities to its Known Exploited Vulnerabilities Catalog.
Sophos has fixed a Sophos Firewall remote code execution (RCE) vulnerability (CVE-2022-3236) exploited in the wild.
CISA and FBI alert: Attackers actively exploiting vulnerability in Zoho ManageEngine ServiceDesk Plus
The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) issued a joint advisory warning attackers are actively exploiting a vulnerability CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus.
Researchers from FireEye have discovered Chinese cyber threat group APT41 carry out a broad cyber campaign between January 20 and March 11, 2020. The actors have attempted to exploit vulnerabilities in Citrix NetScaler/ADC, Cisco routers, and Zoho ManageEngine Desktop Central products against 75 FireEye customers.