Pager 7 - Senthorus Blog

CVE-2023-46604: Critical RCE in Apache ActiveMQ Exploited by Kinsing Malware

The critical CVE-2023-46604 flaw in Apache ActiveMQ allows remote code execution, exploited to deploy malware like the Kinsing crypto miner.

By Luc Meier

Ivanti VPN Zero-Day Exploits: CVE-2023-46805 & CVE-2024-21887

Two Ivanti VPN zero-days enable remote code execution; Volexity links the attacks to UTA0178 and urges urgent patching and forensic investigation.

By Natacha Bakir

The Log4Shell Vulnerability

Log4Shell (CVE-2021-44228) is a critical flaw in Log4j 2 allowing remote code execution, affecting millions of systems worldwide.

By Rayan Annabi

CVE-2023-22518 and how it is used in recent Ransomware Attacks

CVE-2023-22518 allows remote attackers to reset Confluence servers and deploy ransomware; patching and backups are critical for defense.

By Leo Duntze

CVE-2020-1472 - Zerologon

Zerologon (CVE-2020-1472) is a critical flaw allowing attackers to gain domain admin access via Netlogon by exploiting weak AES encryption.

By Leo Duntze