Adobe News Articles
Recent news articles refferecing the vendors vulnerabilities.
The Hacker News CVE-2023-26359Critical Adobe ColdFusion Flaw Added to CISA's Exploited Vulnerability Catalog
Critical security flaw in Adobe ColdFusion has been added to CISA's Known Exploited Vulnerabilities catalog.
2 months ago
CISA warns of Adobe ColdFusion bug exploited as a zero-day
CISA has added a critical vulnerability impacting Adobe ColdFusion versions 2021 and 2018 to its catalog of security bugs exploited in the wild.
2 months ago
The Hacker News CVE-2023-26360CISA Issues Urgent Warning: Adobe ColdFusion Vulnerability Exploited in the Wild
A critical flaw, CVE-2023-26360, has been found and exploited in the wild.
2 months ago
Federal agency breached through Adobe ColdFusion vulnerability
The unidentified hackers exploited CVE-2023-26360 to gain "an initial foothold" on two systems at the same agency, CISA said.
2 months ago
BankInfoSecurity CVE-2024-34102Mass Retail Hacks Affect Adobe Commerce and Magento Stores
Thousands of online stores running Adobe Commerce and Magento software have been hacked since the summer and infected with digital payment skimmers by attackers
2 months ago
GovInfoSecurity CVE-2024-34102Mass Retail Hacks Affect Adobe Commerce and Magento Stores
Thousands of online stores running Adobe Commerce and Magento software have been hacked since the summer and infected with digital payment skimmers by attackers
2 months ago
Big names among thousands infected by payment-card-stealing CosmicSting crooks
Ray-Ban, National Geographic, Whirlpool, and Segway are among thousands of brands whose web stores were reportedly compromised by criminals exploiting the CosmicSting flaw in hope of stealing shoppers'...
2 months ago
The Register CVE-2024-34102Thousands of online shops infected via CosmicSting flaw
Ray-Ban, National Geographic, Whirlpool, and Segway are among thousands of brands whose web stores were reportedly compromised by criminals exploiting the CosmicSting flaw in hope of stealing shoppers'...
2 months ago
CVE-2024-34102Thousands of online shops infected via CosmicSting flaw
Ray-Ban, National Geographic, Whirlpool, and Segway are among thousands of brands whose web stores were reportedly compromised by criminals exploiting the CosmicSting flaw in hope of stealing shoppers'...
2 months ago
Ruetir CVE-2024-34102Adobe Commerce and Magento Store under cyber attack
Cybersecurity researchers have revealed that 5% of all Adobe Commerce and Magento stores have been hacked by cybercriminals exploiting a security vulnerability called CosmicSting. Adobe Commerce and the vulnerabilities detected by cybersecurity experts Tracked as CVE-2024-34102 (CVSS score: 9.8), th...
2 months ago
The Hacker News CVE-2024-34102CVE-2024-2961Alert: Adobe Commerce and Magento Stores Under Attack from CosmicSting Exploit
Critical Adobe Commerce vulnerability "CosmicSting" compromises 5% of stores. Urgent patching and key rotation required to prevent data theft.
2 months ago
Help Net Security CVE-2024-41869Adobe completes fix for Reader bug with known PoC exploit (CVE-2024-41869) - Help Net Security
Among the security updates released by Adobe on Tuesday are those for Acrobat and Reader, which fix CVE-2024-45112 and CVE-2024-41869.
3 months ago
보안뉴스 CVE-2023-21608어도비 아크로뱃 리더의 취약점, 활발히 공격 받고 있어
보안 외신 해커뉴스에 의하면 미국의 사이버 보안 전담 기관인 CISA가 어도비 아크로뱃 리더(Adobe Acrobat Reader)에서 발견된 취약점인 CVE-2023-21608에 대한 새로운 경고를 발표했다고 한다. 해당 취약점을 통한 익스플로잇 공격이 활발히 진행되고 있다는 것으로, CISA는 이 취약점을 ‘긴급 패치 목록(KEV)’에 포함시키기도 했다. CISA의 KEV 목록은 실질적인 해킹 공격에 활용되고 있는 취약점들을 포함하고 있어 패치 관리 시 참고하면 유용하다고 알려져 있다.
4 months ago
Vicarius CVE-2024-34102CosmicSting: critical unauthenticated XXE vulnerability in Adobe Commerce and Magento (CVE-2024-34102) - exploit - vsociety
CosmicSting: critical unauthenticated XXE vulnerability in Adobe Commerce and Magento (CVE-2024-34102) - exploitSummaryCVE-2024-34102 affects Adobe Commerce / Magento versions 2.4.6 and earlier. Discovered in...
4 months ago
VMware, SolarWinds Vulnerabilities Exploited, and Cisco Warns of Critical ‘10.0’ Flaw
Cisco said the vulnerability was caused by an improper implementation of the password change process.
4 months ago
Cybersecurity teams advised to look out for critical Adobe, Cisco bugs
CISA added three bugs to the KEV catalog in all; Cisco gives flaw on Cisco Smart Software Manager On-Prem a 10 rating.
5 months ago
The Hacker News CVE-2024-34102CVE-2024-28995Cisco Warns of Critical Flaw Affecting On-Prem Smart Software Manager
Cisco patches critical SSM On-Prem flaw. CISA adds three actively exploited vulnerabilities to KEV catalog. Federal agencies given August 7 deadline t
5 months ago
Recent Adobe Commerce Vulnerability Exploited in Wild
Adobe and CISA warn that a recent Adobe Commerce vulnerability tracked as CVE-2024-34102 has been exploited in the wild.
5 months ago
Red Hot Cyber CVE-2024-34102Identified a POC for the CVE-2024-34102 Vulnerability in Magento / Adobe Commerce
Security experts have identified a significant vulnerability, CVE-2024-34102, affecting Magento and Adobe Commerce platforms.
5 months ago
Red Hot Cyber CVE-2024-34102Identificato POC per la Vulnerabilità CVE-2024-34102 in Magento / Adobe Commerce
È stato rilevato all'interno delle underground un exploit poke relativo all'applicazione Magento (CVE-2024-34102)
5 months ago
75%的Magento電商平臺恐存在重大資安漏洞CosmicSting,若不設法修補,攻擊者有可能取得完整控制權
針對Adobe本月修補電商平臺Adobe Commerce及Magento Open Source的資安弱點CosmicSting(CVE-2024-34102),資安業者Sansec提出警告,這是歷年來該電商平臺最嚴重的漏洞之一,網站管理者應儘速採取緩解措施因應
5 months ago
Cyber Guardian Hub CVE-2024-20720CVE-2024-20720 Vulnerability in Adobe Commerce – Magento
The CVE-2024-20720 affects versions of Adobe Commerce 2.4.6-p3, 2.4.5-p5, 2.4.4-p6, and earlier. It is an OS Command Injection vulnerability
8 months ago
unSafe.sh CVE-2024-20720Magento flaw exploited to deploy persistent backdoor hidden in XML
Magento flaw exploited to deploy persistent backdoor hidden in XML
8 months ago
The Hacker News CVE-2024-20720Hackers Exploit Magento Bug to Steal Payment Data from E-commerce Websites
Exploit alert for Magento users! A critical flaw, CVE-2024-20720, allows threat actors to sneak a persistent backdoor into e-commerce sites.
8 months ago
Security Affairs CVE-2024-20720Threat actors are exploiting critical Magento vulnerability CVE-2024-20720 to install a persistent backdoor on e-stores.
Threat actors are exploiting critical Magento vulnerability CVE-2024-20720 to install a persistent backdoor on e-stores.
8 months ago
Magecart Attackers Pioneer Persistent E-Commerce Backdoor
The infamous payment-skimmer cybercrime organization is exploiting CVE-2024-20720 in Magento for a novel approach to stealing card data.
8 months ago
AttackerKB CVE-2024-20767CVE-2024-20767 | AttackerKB
ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Access Control vulnerability that could lead to arbitrary file system read. An atta…
8 months ago
Sploitus CVE-2024-20767💀 Exploit for CVE-2024-20767
Exploit for CVE-2024-20767 | Sploitus | Exploit & Hacktool Search Engine
8 months ago
Sploitus CVE-2024-20767💀 Exploit for CVE-2024-20767
Exploit for CVE-2024-20767 | Sploitus | Exploit & Hacktool Search Engine
8 months ago
Sploitus CVE-2024-20767💀 Exploit for CVE-2024-20767
Exploit for CVE-2024-20767 | Sploitus | Exploit & Hacktool Search Engine
8 months ago
Pentest-Tools.com CVE-2024-20767Adobe ColdFusion - Arbitrary File Read (CVE-2024-20767)
ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Access Control vulnerability that could lead to arbitrary file system read.
8 months ago
CybersecurityNews CVE-2024-20767Adobe ColdFusion Flaw Let Attackers Gain Access to Sensitive Files - PoC Released
Adobe has addressed a vulnerability in its ColdFusion software, which could have allowed attackers to read files arbitrarily from the system.
8 months ago
securityonline.info CVE-2024-20767CVE-2024-20767: Critical Adobe ColdFusion Flaw Exposes Sensitive Files, PoC Published
Security researcher ma4ter has revealed details of a dangerous security vulnerability (CVE-2024-20767) in Adobe ColdFusion
8 months ago
CyberSRC CVE-2024-20719Attention Adobe Commerce Users: Critical Vulnerabilities Threaten Your Store (CVE-2024-20719 & 20720) - CyberSRC
Running an online store with Adobe Commerce? Two critical vulnerabilities – CVE-2024-20719 and CVE-2024-20720 – demand immediate attention. These vulnerabilities could allow attackers to compromise your...
9 months ago
The Hacker News CVE-2023-26360Hackers Exploited ColdFusion Vulnerability to Breach Federal Agency Servers
Threat actors exploit high-severity Adobe ColdFusion vulnerability (CVE-2023-26360) to breach government servers.
1 year ago
Help Net Security CVE-2023-26360CVE-2023-26359Prevent and detect Adobe ColdFusion exploitation (CVE-2023-26360, CVE-2023-26359) - Help Net Security
CVE-2023-26360 and CVE-2023-26359 are being exploited by attackers, and now there's public PoCs. How to detect if you've been hit?
1 year ago
Security Affairs CVE-2023-26360Threat actors breached US govt systems by exploiting Adobe ColdFusion flaw
The U.S. CISA warns that threat actors are actively exploiting a critical vulnerability in Adobe ColdFusion to breach government agencies.
1 year ago
Hackers breach US govt agencies using Adobe ColdFusion exploit
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning about hackers actively exploiting a critical vulnerability in Adobe ColdFusion identified as CVE-2023-26360 to gain initial access to government servers.
1 year ago
The Hacker News CVE-2023-21608CISA Warns of Actively Exploited Adobe Acrobat Reader Vulnerability
Adobe Acrobat Reader users, beware! CISA adds high-severity flaw in Adobe Acrobat Reader to its Known Exploited Vulnerabilities list.
1 year ago
Adobe Acrobat Reader Vuln Now Under Attack
CISA flags use-after-free bug now being exploited in the wild.
1 year ago
Security Affairs CVE-2023-21608CISA adds Adobe Acrobat Reader flaw to its Known Exploited Vulnerabilities catalog
US CISA added the flaw CVE-2023-21608 in Adobe Acrobat Reader to its Known Exploited Vulnerabilities catalog.
1 year ago
CybersecurityNews CVE-2023-26369Adobe PDF Creator Zero-day Vulnerability Exploited in the Wild
As part of its regular Patch Tuesday updates, Adobe has published a security update for Adobe Acrobat PDF and Reader for Windows and macOS.
1 year ago
The Hacker News CVE-2023-26369Update Adobe Acrobat and Reader to Patch Actively Exploited Vulnerability
Adobe's September 2023 update addresses a new zero-day vulnerability (CVE-2023-26369) in Acrobat and Reader that attackers are exploiting in the wild.
1 year ago
Adobe warns of critical Acrobat and Reader zero-day exploited in attacks
Adobe has released security updates to patch a zero-day vulnerability in Acrobat and Reader tagged as exploited in attacks.
1 year ago
CISA warns govt agencies to patch Adobe ColdFusion servers
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given federal agencies three weeks to secure Adobe ColdFusion servers on their networks against two critical security flaws exploited in attacks, one of them as a zero-day.
1 year ago
Help Net Security CVE-2023-29298CVE-2023-38203Adobe ColdFusion vulnerabilities exploited to deliver web shells (CVE-2023-29298, CVE-2023-38203) - Help Net Security
Attackers are exploiting 2 Adobe ColdFusion flaws (CVE-2023-29298, CVE-2023-38203) to breach servers and install web shells.
1 year ago