Dark Reading

Stealth Bomber: Atlassian Confluence Exploits Drop Web Shells In-Memory

Fresh proof-of-concept (PoC) exploits are circulating in the wild for a widely targeted Atlassian Confluence Data Center and Confluence Server flaw. The new attack vectors could enable a malicious ...
Bleeping Computer

Researcher to release exploit for full auth bypass on FortiWeb

A security researcher has released a partial proof of concept exploit for a vulnerability in the FortiWeb web application firewall that allows a remote attacker to bypass authentication. The flaw was ...
Bleeping Computer

Exploit for critical Fortra FileCatalyst Workflow SQLi flaw released

The Fortra FileCatalyst Workflow is vulnerable to an SQL injection vulnerability that could allow remote unauthenticated attackers to create rogue admin users and manipulate data on the application ...
Dark Reading

New Exploit Broker on the Scene Pays Premium for Signal App Zero-Days

Gray-market exploit brokers are alive and kicking, with the latest sign of this flourishing market coming in the form of a bidding war for Signal messaging app zero-days from a relatively new entrant.
SiliconANGLE

Oligo Security moves beyond CVE prioritization with real-time application-layer exploit blocking

Runtime security startup Oligo Security Ltd. today unveiled Runtime Exploit Blocking, a new capability that stops exploit attempts at the application layer in real time without killing containers or ...