🚀 Medial Secures Investment on Shark Tank India - Fueling the Future of Professional Social Networking. 🔥

Startup Showcase

Premium Content

Try our Valuation Calculator →

News on Medial

Critical vulnerabilities in Exim threaten over 250k email servers worldwide

Arstechnica

Arstechnica · 1y ago

Critical vulnerabilities in Exim threaten over 250k email servers worldwide

Critical vulnerabilities have been discovered in Exim, the mail transfer agent used by approximately 253,000 servers worldwide. Zero Day Initiative reported the vulnerabilities, which allow remote execution of malicious code. The bugs have severity ratings ranging from 7.5 to 9.8 out of 10. Exim has released patches for three of the vulnerabilities in a private repository, but the status of patches for the remaining three is unknown. The vulnerabilities were not transparently disclosed, leading to criticism of both Exim and ZDI. Hackers have previously exploited Exim vulnerabilities to compromise networks.

Related News

Exim vulnerability affecting 1.5 million servers lets attackers attach malicious files

Arstechnica

Arstechnica · 1y ago

Exim vulnerability affecting 1.5 million servers lets attackers attach malicious files

Around 1.5 million email servers running vulnerable versions of the Exim mail transfer agent are at risk of attacks. The servers have a critical vulnerability, known as CVE-2024-39929, which makes it easy for threat actors to send attachments that can install apps or execute code, bypassing normal protections. While no active exploitation has been reported yet, the sheer number of vulnerable servers and the ease of the attack make it likely that active targeting will occur. Admins are advised to update to the latest version of Exim to mitigate this risk.

Spies hack high-value mail servers using an exploit from yesteryear

Arstechnica

Arstechnica · 2m ago

Spies hack high-value mail servers using an exploit from yesteryear

Security firm ESET reports that Kremlin-backed hacking group Sednit exploited XSS vulnerabilities in mail server software to access high-value email accounts. Targeting mail servers from Roundcube, MDaemon, Horde, and Zimbra, Sednit used spearphishing emails with embedded malicious HTML to execute JavaScript, leaking contacts and emails to attacker-controlled servers. While some vulnerabilities were patched, attackers exploited unaddressed and zero-day flaws, affecting defense contractors and governmental organizations across Bulgaria, Romania, Africa, the EU, and South America.

Roundcube email flaw is being exploited, so patch now, US government warns

Techradar

Techradar · 1y ago

Roundcube email flaw is being exploited, so patch now, US government warns

The US government is warning about an actively exploited vulnerability in the Roundcube email server platform. The bug, a persistent cross-site scripting (XSS) flaw, is being abused via custom-built plain/text messages and links. The vulnerability affects Roundcube email servers versions between 1.4.14 and 1.5.4, as well as versions between 1.6.0 and 1.6.3. While the government agencies have until March 4 to patch the vulnerability, private sector organizations are also at risk, as there are over 130,000 Roundcube servers on the internet.

Researchers say easy-to-exploit security bugs in ConnectWise remote-access software now under mass attack

TechCrunch · 1y ago

Researchers say easy-to-exploit security bugs in ConnectWise remote-access software now under mass attack

Security researchers have discovered two vulnerabilities in ConnectWise ScreenConnect, a popular remote-access tool used by over a million companies. Hackers are mass exploiting these flaws to deploy ransomware and steal sensitive data. The vulnerabilities include an authentication bypass issue and a path-traversal vulnerability allowing attackers to remotely plant malicious code. Although ConnectWise disclosed the flaws and urged customers to install patches, thousands of servers remain vulnerable. Cybersecurity firms have observed various threat actors exploiting the flaws, deploying password stealers, back doors, and ransomware. The scope of the vulnerabilities' impact is currently unknown.

Actively exploited vulnerability gives extraordinary control over server fleets

Arstechnica

Arstechnica · 1m ago

Actively exploited vulnerability gives extraordinary control over server fleets

A maximum-severity vulnerability in AMI MegaRAC, a firmware package used in servers from various manufacturers, is being actively exploited, giving attackers full control over tens of thousands of servers. This vulnerability allows remote control of servers without authentication, impacting mission-critical data centers. The flaw lets attackers evade traditional security measures, potentially implant malicious code in firmware, and cause operational disruptions. While some vendors have released patches, affected organizations are urged to secure their systems promptly.

Hackers are exploiting ConnectWise flaws to deploy LockBit ransomware, security experts warn | TechCrunch

TechCrunch · 1y ago

Hackers are exploiting ConnectWise flaws to deploy LockBit ransomware, security experts warn | TechCrunch

Security experts are warning that hackers are taking advantage of vulnerabilities in the widely used remote access tool ConnectWise ScreenConnect to deploy the LockBit ransomware. Two high-risk flaws in the tool, including an authentication bypass vulnerability and a path traversal vulnerability, are being actively exploited by hackers. Despite recent law enforcement action against the LockBit gang, it appears that some affiliates are still able to operate. The exact number of affected users is unknown, but the Shadowserver Foundation has reported widespread exploitation of the vulnerabilities, with over 8,200 servers remaining vulnerable.

Bugs in Moovit gave hackers free rides and access to personal information

Startup News FYI

Startup News FYI · 1y ago

Bugs in Moovit gave hackers free rides and access to personal information

A security researcher has discovered vulnerabilities in the popular transportation app Moovit that could have allowed hackers to take control of user accounts, gain free rides, and access personal information, according to recent reports. Exploitation of Vulnerabilities and Collection of Sensitive Data Omer Attias, a security researcher at SafeBreach, identified three critical vulnerabilities.

3 million iOS and macOS apps were exposed to potent supply-chain attacks

Arstechnica

Arstechnica · 1y ago

3 million iOS and macOS apps were exposed to potent supply-chain attacks

Vulnerabilities in the CocoaPods repository for macOS and iOS apps have left millions of users at risk of supply-chain attacks. The vulnerabilities, which were fixed last October, allowed hackers to add malicious code to apps and gain access to sensitive information such as credit card details and medical records. The vulnerabilities were related to an insecure verification email mechanism and an active programming interface for abandoned pods. These vulnerabilities underscore the need for robust security measures in app development and the importance of regularly updating software.

Threat posed by new VMware hyperjacking vulnerabilities is hard to overstate

Arstechnica

Arstechnica · 5m ago

Threat posed by new VMware hyperjacking vulnerabilities is hard to overstate

VMware has patched three critical vulnerabilities affecting its ESXi, Workstation, Fusion, Cloud Foundation, and Telco Cloud Platform. These vulnerabilities allow attackers to escape from a virtual machine to the hypervisor, potentially compromising all VMs on that hypervisor. With severity ratings up to 9.3, these vulnerabilities, already exploited in the wild, pose significant security threats. Organizations using affected products should investigate and secure their environments promptly to mitigate these risks.

VMware sandbox escape bugs are so critical, patches are released for end-of-life products

Arstechnica

Arstechnica · 1y ago

VMware sandbox escape bugs are so critical, patches are released for end-of-life products

VMware has issued an urgent patch for critical vulnerabilities that could allow hackers to bypass security protections in ESXi, Workstation, Fusion, and Cloud Foundation products. The vulnerabilities, which have severity ratings of 9.3 out of 10, enable a hypervisor escape, compromising the effectiveness of the virtual machine's segmentation from the host machine. VMware is recommending immediate action to address this security issue and has provided a matrix showing how the vulnerabilities affect different product versions. The company has not yet observed any active exploitation of these vulnerabilities.

Trackers

Active Indian VC’s

OG Capital Email

With a hands-on approach, OG Capital aims to invest in over 20 promising...

Accel Partners Email

Early and growth-stage investments in disruptive technology companies with...

Early-stage venture capital firm investing in technology startups in India. Focus on...

Access All Trackers

Startup Showcase Winners

June 2025

Helping your parents when you are miles away

The Pit Stop Your Cravings Deserve

The next generation E-commerce platform

Enter Ongoing Startup Showcase

Top Users

Trending News on Medial

Download the medial app to read full posts, comements and news.