We’re aware of a critical vulnerability impacting XZ Utils, where malicious code was inserted into a library that could allow for remote code execution via Secure Shell Protocol (SSH). XZ is a general-purpose data compression format present in nearly every Linux...
Advisory: Microsoft Exchange Server and Outlook vulnerabilities
We're aware of two critical zero day vulnerabilities impacting the following Microsoft products: Exchange Server (CVE-2024-21410) Outlook (CVE-2024-21413) Microsoft has released security updates for both vulnerabilities. If you have an Exchange Server, we recommend...
Advisory: Apache Struts 2 vulnerability (CVE-2023-50164)
We’re aware of a vulnerability with the Apache Struts 2 application framework, which is used to develop web applications, that could allow an attacker to upload malicious files and run remote code execution (RCE) on the target server. Schools using products impacted...