SecurityWeek

Adobe Patches Critical Apache Tika Bug in ColdFusion

Adobe released 11 security bulletins for 25 vulnerabilities, including a critical code execution bug in ColdFusion.
SecurityWeek

Adobe ColdFusion Servers Targeted in Coordinated Campaign

GreyNoise says a recently observed Adobe ColdFusion exploitation campaign is linked to a massive initial access broker operation.
Bleeping Computer

CISA warns of Adobe ColdFusion bug exploited as a zero-day

CISA has added a critical vulnerability impacting Adobe ColdFusion versions 2021 and 2018 to its catalog of security bugs exploited in the wild. This critical arbitrary code execution flaw ...

Patch now! Attacks on Adobe ColdFusion and Fortinet firewalls observed

Currently, attackers are targeting a five-year-old vulnerability in Fortinet firewalls. The vulnerabilities in ColdFusion are ...
DMR News

GreyNoise Flags Holiday Exploitation Campaign Targeting Adobe ColdFusion Servers

Security researchers at GreyNoise have reported a coordinated exploitation campaign targeting Adobe ColdFusion servers, with ...
CSOonline

Attackers breach US government agencies through ColdFusion flaw

In a new advisory that shows why it’s critical to keep Adobe ColdFusion deployments up to date, the US Cybersecurity and Infrastructure Security Agency (CISA) warns that two federal agencies were ...
Ars Technica

Exploited 0-days, an incomplete fix, and a botched disclosure: Infosec snafu reigns

Organizations big and small are once again scrambling to patch critical vulnerabilities that are already under active exploitation and cause the kind of breaches coveted by ransomware actors and ...