The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added three vulnerabilities impacting Mitel MiCollab and Oracle WebLogic Server to its Known Exploited Vulnerabilities catalog. The flaws allow hackers to gain unauthorized access and read local files, with two of them potentially used jointly. There is a mandate for Federal Civilian Executive Branch (FCEB) agencies to apply the necessary updates to secure their networks by January 28, 2025.
Threat Actors Exploiting DevOps Web Servers Misconfigurations To Deploy Malware
A new cryptojacking campaign, led by threat actor JINX-0132, exploits misconfigurations in popular DevOps applications like HashiCorp Nomad and Docker API. By utilizing legitimate tools
