Over 300K Prometheus Instances Exposed: Credentials and API Keys Leaking Online
Thousands of Prometheus servers lack proper authentication, risking data leakage, DoS, and remote code execution attacks due to their exposure on the internet.
Attackers are popping clouds using severe Aviatrix bug
The vulnerability in Aviatrix Controller poses critical risks, leading to remote code execution and privilege escalation, with active exploits already observed.
Over 300K Prometheus Instances Exposed: Credentials and API Keys Leaking Online
Thousands of Prometheus servers lack proper authentication, risking data leakage, DoS, and remote code execution attacks due to their exposure on the internet.
Attackers are popping clouds using severe Aviatrix bug
The vulnerability in Aviatrix Controller poses critical risks, leading to remote code execution and privilege escalation, with active exploits already observed.
Devices exposed to remote hacking via Erlang/OTP SSH vulnerability
Erlang/OTP's SSH implementation has a critical vulnerability allowing remote code execution without authentication, requiring urgent attention and action from security teams.
Devices exposed to remote hacking via Erlang/OTP SSH vulnerability
Erlang/OTP's SSH implementation has a critical vulnerability allowing remote code execution without authentication, requiring urgent attention and action from security teams.
Apache issues patches for critical Struts 2 RCE bug
The Apache Struts 2 vulnerability (CVE-2024-53677) has a severity rating of 9.5 and poses a serious security risk, necessitating immediate action for users.