Blog | Holm Security | Hacker attacks & exploits

April 12, 2024 — Hacker attacks & exploits Zero-Day Vulnerability in Palo Alto Networks PAN-OS Exploited in the Wild In a recent advisory, Palo Alto Networks warned about a critical flaw in its PAN-OS software, used in its GlobalProtect gateways.

February 27, 2024 — Hacker attacks & exploits Critical Vulnerabilities Discovered in ConnectWise ScreenConnect

Understanding the Vulnerabilities CVE-2024-1708 This is a path-traversal vulnerability...

January 24, 2024 — Hacker attacks & exploits Critical Security Flaw in GoAnywhere MFT: Users Exposed to Unauthorized Admin Access

Understanding CVE-2024-0204 This vulnerability, with a high CVSS score of 9.8, arises...

January 23, 2024 — Hacker attacks & exploits Exploited Vulnerabilities in Ivanti: Connect Secure and Policy Secure Pose Serious Threats

Understanding CVE-2023-46805 & CVE-2024-21887 CVE-2023-46805, rated CVSS 8.2, is a...

Filter Posts

October 18, 2023 — Hacker attacks & exploits Cisco Zero-Day Vulnerability: Exploiting Thousands of Devices

Understanding CVE-2023-20198 The vulnerability, rooted in the web UI feature, affects Cisco IOS XE software with enabled HTTP or HTTPS server features....

June 2, 2023 — Hacker attacks & exploits MOVEit Transfer Zero-Day Vulnerability Exploited in Data Theft Attacks

MOVEit Transfer is a popular file transfer program developed by Ipswitch, a subsidiary of US-based Progress Software Corporation and widely used by...

May 29, 2023 — Hacker attacks & exploits Barracuda Email Security Gateway Appliance Zero-Day Vulnerability

Security Flaw in Email Security Gateway The California-based company investigation has revealed that the flaw is rooted in a component that screens the...

March 17, 2023 — Hacker attacks & exploits Microsoft Outlook Zero Day Vulnerability CVE-2023-23397 Exploited

Outlook Vulnerability Allows Zero-Click Attackers to Compromise User Authentication An attacker who successfully exploited this vulnerability could access a...

December 16, 2022 — Hacker attacks & exploits Critical Vulnerability in FortiOS

Overview FortiOS SSL-VPN doesn't validate HTTP requests properly, leading to an overflow of heap buffer using specially crafted requests.

April 1, 2022 — Hacker attacks & exploits Spring4Shell: Zero-Day Vulnerability in Spring Framework

General information Two RCEs exist and three vectors are being discussed online (one of which is not known to be remotely exploitable):

Hacker attacks & exploits

Subscribe To Our Newsletter

Filter Posts