Hackers are exploiting a server-side request forgery (SSRF) vulnerability in Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy the new DSLog backdoor on vulnerable devices. The ...

Server-side request forgery (SSRF) attacks consist of an attacker tricking the server into making an unauthorized request. The name itself implies that a request that should have otherwise been made ...

Commvault is warning customers of a critical vulnerability affecting Command Center, a web-based management console for its data protection and backup offerings. The flaw, tracked as CV-2025-34028, ...

Security teams are warned to be on the lookout for a growing wave of opportunistic and largely untargeted cyber attacks exploiting two related exploit chains to target Microsoft Exchange servers. This ...

Microsoft has fixed vulnerabilities in four separate services of its Azure cloud platform, two of which could have allowed attackers to perform a server-side request forgery (SSRF) attack — and thus ...

A zero-day vulnerability disclosed by Ivanti last week is undergoing mass exploitation in the wild, according to the Shadowserver Foundation. The non-profit said it had seen over 170 discrete IP ...

Thousands of Jira instances remain vulnerable to server-side request forgery (SSRF), a Web application vulnerability that redirects malicious requests to resources restricted to a server. The extent ...

Microsoft says Cuba ransomware threat actors are hacking Microsoft Exchange servers unpatched against a critical server-side request forgery (SSRF) vulnerability also exploited in Play ransomware ...