Patches have been issued by ESET for a high-severity flaw impacting its antivirus, server, and endpoint offerings for Windows, as well as its security products for Exchange Server, Azure, SharePoint Server, and IBM Domino, which could be leveraged to facilitate privilege escalation and arbitrary file deletion, reports SecurityWeek.
SecurityWeek reports that more than 100 security vulnerabilities have been collectively fixed by Intel and AMD for their respective products as part of this month's Patch Tuesday.
BleepingComputer reports that almost 700 Ivanti servers have been compromised with the novel DSLog backdoor in attacks leveraging the server-side request forgery flaw affecting the SAML component of Ivanti Connect Secure, Policy Secure, and ZTA gateways, tracked as CVE-2024-21893.
BleepingComputer reports that threat actors were noted by the Cybersecurity and Infrastructure Security Agency to have commenced attacks targeting the critical remote code execution vulnerability in Fortinet's FortiOS devices, tracked as CVE-2024-21762, just a day after Fortinet noted possible exploitation.