We’re aware of a vulnerability (CVE-2023-39904, CVE-2023-39905, CVE-2023-39906) in the web-based management interface of the Ruckus ICX switch product line that could allow a remote attacker to execute XSS and CSRF attacks against the user of the interface. To exploit...

We’re aware of multiple vulnerabilities that have been discovered in Google ChromeOS, the most severe of which could allow a remote attacker to conduct arbitrary code execution. Depending on the privileges associated with the targeted user, an attacker could install...

PaperCut have released a new patch for Papercut NG/MF to address multiple vulnerabilities which are currently being exploited. If you are using this product, we recommend you upgrade your PaperCut application to version 22.1.3. Please follow the instructions on...

We’re aware of a critical Remove Code Execution (RCE) vulnerability affecting Fortinet’s SSL VPN functionality. This vulnerability can be exploited without credentials and affects all SSL VPN appliances, even if multi-factor authentication is enabled. Due to the...

We're aware of a cPanel admin console vulnerability with a severity rating of medium. cPanel is a common website and server management software. Exploitation of this vulnerability could allow a malicious actor to perform remote code execution against any user who...

We’re aware of the new DDoS botnet, AndoryuBot, targeting Ruckus wireless admin panels. We have done a review of N4L-managed Ruckus products and can confirm all products are running unaffected versions. Mitigation If you own Ruckus products that are not managed by us,...

We’re aware of a critical buffer underflow vulnerability CVE-2023-25610 affecting FortiOS’ administrative interface. This vulnerability could allow a malicious actor to remotely execute arbitrary code on the device. It may also allow an unauthenticated actor to...

We’re aware of a critical Microsoft Outlook privilege escalation vulnerability that is being actively exploited.  This vulnerability can be exploited by sending a specifically crafted email which triggers automatically when it is retrieved and processed by the...

We’re aware of a critical Remote Code Execution (RCE) vulnerability affecting PaperCut MF or NG. This vulnerability is currently exploited in the wild. The affected PaperCut products are: PaperCut MF or NG version 8.0 or later, on all OS platforms PaperCut MF or NG...

3CX, a company that supplies telephony solutions, has been affected by a supply chain attack affecting software downloaded from their website. This attack can affect users running the 3CX desktop clients for MacOS and Windows. The recommended action is to remove these...