Threat Post

Pulse Secure Critical Zero-Day Security Bug Under Active Exploit

CVE-2021-22893 allows remote code-execution (RCE) and is being used in the wild by nation-state cyberattackers to compromise VPN appliances in defense, finance and government orgs. A critical zero-day ...
Bleeping Computer

Pulse Secure VPN zero-day used to hack defense firms, govt orgs

Pulse Secure has shared mitigation measures for a zero-day authentication bypass vulnerability in the Pulse Connect Secure (PCS) SSL VPN appliance actively exploited in attacks against worldwide ...
Bleeping Computer

CISA orders federal orgs to mitigate Pulse Secure VPN bug by Friday

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a new emergency directive ordering federal agencies to mitigate an actively exploited vulnerability in Pulse Connect Secure ...
ZDNet

DHS CISA: Companies are getting hacked even after patching Pulse Secure VPNs

US officials talk about all the methods the Chinese government and its agents have been using to target US companies and universities to steal intellectual property. However, in two security alerts ...