On 15 October 2024, SolarWinds released a hotfix for CVE-2024-28988, a critical Remote Code Execution (RCE) vulnerability affecting Web Help Desk (WHD). WHD is an

On 9 October 2024, GitLab released patches for a critical vulnerability affecting various versions of GitLab EE, identified as CVE-2024-9164. This flaw allows a remote

On 24 September 2024, Rackspace, a managed cloud computing company providing cloud hosting, dedicated servers, and multi-cloud solutions, reported an issue with their Rackspace Monitoring

On 26 September 2024, a security researcher disclosed several vulnerabilities affecting Common UNIX Printing System (CUPS) within GNU/Linux distributions. CUPS is an open-source printing system

On 24 September 2024, Hewlett Packard Enterprise (HPE), the parent company of Aruba Networks, released a security bulletin addressing three critical command injection vulnerabilities affecting

Update (10/22/2024): Broadcom has released updated fixes for this vulnerability as the initial patch from September did not fully resolve the issue. Please read our follow-up security

On 11 September 2024, GitLab released patches for a critical vulnerability affecting various versions of GitLab CE/EE, identified as CVE-2024-6678. This flaw allows a remote

On 10 September 2024, Microsoft released its September security update, addressing 79 vulnerabilities. Arctic Wolf has highlighted four vulnerabilities in this bulletin that Microsoft labeled

On 10 September 2024, Ivanti released fixes for CVE-2024-29847, a maximum severity vulnerability in Ivanti Endpoint Manager (EPM). This flaw, found in the agent portal

On 4 September 2024, Veeam released a security bulletin announcing that they have fixed several vulnerabilities affecting various Veeam products. Arctic Wolf has highlighted five

On 3 September 2024, Zyxel released patches for a critical OS command injection vulnerability, identified as CVE-2024-7261, affecting Access Points (APs) and security routers. This

On 27 August 2024, Fortra published a security advisory regarding a critical credential vulnerability in FileCatalyst Workflow, identified as CVE-2024-6633. FileCatalyst Workflow is a managed

On 22 August 2024, SonicWall published a security advisory regarding a critical improper access control vulnerability in several SonicWall Firewall models. This vulnerability, identified as

On 13 August 2024, SolarWinds released a hotfix for CVE-2024-28986, a critical Remote Code Execution (RCE) vulnerability affecting Web Help Desk (WHD). WHD is an

On 13 August 2024, Microsoft released their August 2024 security update, which addressed 90 vulnerabilities. Among these vulnerabilities, Arctic Wolf has highlighted 15 in this

On 12 August 2024, Ivanti announced a critical authentication bypass vulnerability in its Virtual Traffic Manager (vTM), identified as CVE-2024-7593. Ivanti Virtual Traffic Manager (vTM)

On 17 July 2024, SolarWinds published a security advisory detailing multiple critical vulnerabilities in its Access Rights Manager (ARM) software. These vulnerabilities were responsibly disclosed

On 24 July 2024, Progress published a knowledge base article disclosing a critical vulnerability (CVE-2024-6327) impacting Telerik Report Server, a product by Progress designed for

On 10 July 2024, ServiceNow disclosed a series of critical vulnerabilities impacting their platform, identified as CVE-2024-4879, CVE-2024-5178, and CVE-2024-5217. These vulnerabilities were responsibly disclosed

On 10 July 2024, GitLab issued an advisory regarding a critical vulnerability (CVE-2024-6385) in GitLab CE/EE that had been reported to them through a bug

On 9 July 2024, Microsoft published their July 2024 security update, consisting of 139 newly disclosed vulnerabilities. Among these vulnerabilities, Arctic Wolf has highlighted seven

On 1 July 2024, OpenSSH released fixes for CVE-2024-6387, a vulnerability in OpenSSH’s server (sshd) on glibc-based Linux systems allowing for potential Remote Code Execution

On 28 June 2024, Juniper released fixes for a critical authentication bypass vulnerability discovered during internal testing, CVE-2024-2973. Juniper has stated that this vulnerability affects

On 26 June 2024, TeamViewer published a statement disclosing they detected an irregularity in TeamViewer’s internal corporate IT environment. TeamViewer is an organisation that provides

On 24 June 2024, cybersecurity company Sansec published a security advisory detailing how an associated Polyfill domain (cdn.polyfill[.]io) was being used to insert malicious code

On 17 June 2024, VMware disclosed two critical vulnerabilities (CVE-2024-37079 & CVE-2024-37080) affecting vCenter Server and Cloud Foundation. These vulnerabilities stem from a heap-overflow issue

Since April 2024, Arctic Wolf has been tracking an ongoing campaign by Black Basta ransomware group affiliates leveraging Microsoft’s Quick Assist for initial access. The

On 11 June 2024, Microsoft published their June 2024 security update with patches for 49 vulnerabilities. Among these vulnerabilities, Arctic Wolf is highlighting CVE-2024-30080 as

On 31 May 2024, a Proof of Concept (PoC) exploit and technical analysis were published for a pre-authentication Remote Code Execution (RCE) exploit chain impacting

On 2 June 2024, Snowflake published a joint statement with CrowdStrike and Mandiant detailing their initial findings while investigating a campaign involving unauthorised access to