Dark Reading

Patch Now: CrushFTP Zero-Day Cloud Exploit Targets US Orgs

Virtual file transfer system provider CrushFTP and various security researchers are sounding the alarm about a sandbox escape flaw in the CrushFTP server that attackers already have exploited as a ...
Bleeping Computer

Exploit released for Palo Alto PAN-OS bug used in attacks, patch now

Update 4/16/24: Updated story with more information on how previous mitigations do not protect devices. Exploit code is now available for a maximum severity and actively exploited vulnerability in ...