Ars Technica

Exploited 0-days, an incomplete fix, and a botched disclosure: Infosec snafu reigns

Organizations big and small are once again scrambling to patch critical vulnerabilities that are already under active exploitation and cause the kind of breaches coveted by ransomware actors and ...
JD Supra

Adobe Issues Patches for ColdFusion “High Severity” Vulnerability

Adobe recently issued a patch for a high-severity vulnerability for ColdFusion versions 2023.11 and 2021.17 and earlier; according to the National Institute of Standards and Technology (NIST), “an ...
CSOonline

Attackers breach US government agencies through ColdFusion flaw

In a new advisory that shows why it’s critical to keep Adobe ColdFusion deployments up to date, the US Cybersecurity and Infrastructure Security Agency (CISA) warns that two federal agencies were ...