CISA Alerts on Active Exploitation of Wing FTP Server Flaw — BleepingComputer

CISA has issued a warning regarding a critical vulnerability in Wing FTP Server that is currently being actively exploited in the wild. This flaw allows attackers to execute arbitrary code on affected systems, posing a significant risk to organizations using this software. Security teams should prioritize patching and securing their Wing FTP Server instances to mitigate potential threats and prevent unauthorized access.

Google Chrome Zero-Day Vulnerability Patched Amid Active Exploits — Google News Security (JP)

Google has released an emergency update for Chrome to address a high-severity zero-day vulnerability that has been actively exploited. The vulnerability, identified as CVE-2023-XXXX, affects all versions prior to the latest patch. Organizations should immediately update their Chrome installations to prevent potential exploitation and ensure the security of their browsing environments.

• GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos [The Hacker News]
• Payload Ransomware claims breach of Royal Bahrain Hospital, threatens data leak | brief | SC Media - SC Media [Google News Security]
• 「Microsoft Edge」にも緊急のセキュリティ更新、悪用が確認済みのゼロデイ脆弱性を修正／v146.0.3856.62が展開中 - 窓の杜 [Google News Security (JP)]
• DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage [The Hacker News]
• Android 17 Blocks Non-Accessibility Apps from Accessibility API to Prevent Malware Abuse [The Hacker News]