A zero-day security flaw in Apache OFBiz, an open-source Enterprise Resource Planning system, allows attackers to bypass authentication protections. The flaw, caused by an incomplete security patch for a previous vulnerability, allows unauthorized access to internal resources by using empty username and password fields. Users are urged to update to version 18.12.11 or later to protect against potential threats. The Shadowserver Foundation has reported numerous exploit attempts.
Botnets leverage decade-old D-Link vulnerabilities in new attack campaigns
A new report from FortiGuard Labs has revealed the activities of two botnets, FICORA and CAPSAICIN, exploiting vulnerabilities in legacy D-Link devices. The report stresses