Threat Post

Zoho ManageEngine Password Manager Zero-Day Gets a Fix, Amid Attacks

An authentication bypass vulnerability in the ManageEngine ADSelfService Plus platform leading to remote code execution offers up the keys to the corporate kingdom. A critical security vulnerability ...
Tech.co

Zoho ManageEngine Vulnerability Draws Attention of CISA

The US Cybersecurity and Infrastructure Security Agency (CISA) is keeping an eye on Zoho, with the agency warning users of a vulnerability in the company’s ManageEngine platform. Zoho is an ...
CSOonline

Zoho ManageEngine flaw is actively exploited, CISA warns

Threat actors are exploiting unpatched ManageEngine instances. CISA adds the vulnerability to its catalog and Zoho urges customers to check their deployments. A remote code execution vulnerability in ...
Threat Post

Zoho’s ManageEngine Password Manager Flaw Torched by Godzilla Webshell

Researchers have spotted a second, worldwide campaign exploiting the ManagedEngine SelfServiceAD Plus zero-day: one that’s breached defense, energy and healthcare organizations. A new campaign is ...
Bleeping Computer

CISA warns of critical ManageEngine RCE bug used in attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical severity Java deserialization vulnerability affecting multiple Zoho ManageEngine products to its catalog of bugs ...
Homeland Security Today

USCG, FBI, CISA Alert on Vulnerability in ManageEngine ADSelfService Plus

This joint advisory is the result of analytic efforts between the Federal Bureau of Investigation (FBI), United States Coast Guard Cyber Command (CGCYBER), and the Cybersecurity and Infrastructure ...