Exploit Code Released for Zero-Day Vulnerability Discovered in Citrix Virtual Apps & Desktops

Exploit Code Released for Zero-Day Vulnerability Discovered in Citrix Virtual Apps & Desktops

A critical new vulnerability has been discovered in Citrix’s Virtual Apps and Desktops solution, which is widely used to facilitate secure remote access to desktop applications now exploited in the wild. The vulnerability, which remains… Article Source https://gbhackers.com/citrix-virtual-apps-desktops-vulnerability/

Citrix Issues Patches for Zero-Day Recording Manager Bugs

Citrix Issues Patches for Zero-Day Recording Manager Bugs

Very swiftly after their disclosure, Citrix has issued patches for two vulnerabilities in its Citrix Virtual Apps and Desktop technology that allow a remote attacker escalate privileges or execute code of their choice on vulnerable systems. Citrix… Article Source https://www.darkreading.com/cloud-security/citrix-patches-zero-day-recording-manager-bugs

Citrix Zero-Day Bug Allows Unauthenticated RCE

Citrix Zero-Day Bug Allows Unauthenticated RCE

An unpatched zero-day vulnerability in Citrix’s Session Recording Manager allows unauthenticated remote code execution (RCE, paving the way for data theft, lateral movement, and desktop takeover. According to watchTowr research out today, the… Article Source https://www.darkreading.com/cloud-security/citrix-recording-manager-zero-day-bug-unauthenticated-rce

New Citrix Zero-Day Vulnerability Allows Remote Code Execution

New Citrix Zero-Day Vulnerability Allows Remote Code Execution

A new zero-day vulnerability in Citrix’s Session Recording Manager can be exploited to enable unauthenticated remote code execution (RCE) against Citrix Virtual Apps and Desktops, according to watchTowr. The attack surface management provider… Article Source https://www.infosecurity-magazine.com/news/new-citrix-zeroday-vulnerability/

Update your Android: Google patches two zero-day vulnerabilities | Malwarebytes

Update your Android: Google patches two zero-day vulnerabilities | Malwarebytes

Google has announced patches for several high severity vulnerabilities. In total, 51 vulnerabilities have been patched in November’s updates, two of which are under limited, active exploitation by cybercriminals. If your Android phone… Article Source https://www.malwarebytes.com/blog/news/2024/11/update-your-android-google-patches-two-zero-day-vulnerabilities

Google’s AI Tool Big Sleep Finds Zero-Day Vulnerability in SQLite Database Engine

Google’s AI Tool Big Sleep Finds Zero-Day Vulnerability in SQLite Database Engine

Nov 04, 2024Ravie LakshmananArtificial Intelligence / Vulnerability Google said it discovered a zero-day vulnerability in the SQLite open-source database engine using its large language model (LLM) assisted framework called Big Sleep… Article Source https://thehackernews.com/2024/11/googles-ai-tool-big-sleep-finds-zero.html

Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control

Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control

Aug 22, 2024Ravie LakshmananNetwork Security / Zero-Day Details have emerged about a China-nexus threat group’s exploitation of a recently disclosed, now-patched security flaw in Cisco switches as a zero-day to seize control of the… Article Source https://thehackernews.com/2024/08/chinese-hackers-exploit-zero-day-cisco.html

Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day

Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day

The North Korean Lazarus hacking group exploited a Google Chrome zero-day tracked as CVE-2024-4947 through a fake decentralized finance (DeFi) game targeting individuals in the cryptocurrency space. Kaspersky discovered the attacks on May 13,… Article Source https://www.bleepingcomputer.com/news/security/lazarus-hackers-used-fake-defi-game-to-exploit-google-chrome-zero-day/

Samsung Zero-Day Vuln Under Active Exploit, Google Warns

Samsung Zero-Day Vuln Under Active Exploit, Google Warns

A zero-day vulnerability, tracked as CVE-2024-44068, has been discovered in Samsung’s mobile processors and is being used in an exploit chain for arbitrary code execution. The vulnerability was given a critical CVSS score of 8.1 out of 10 and was… Article Source https://www.darkreading.com/endpoint-security/samsung-zero-day-vuln-under-active-exploit-google-warns