Zoho Zero-Day Exploited by State Threat Actors Since October, FBI Says

According to a flash alert published by the Federal Bureau of Investigation (FBI) on the 17th of December, state-backed cybercriminals groups are actively exploiting a Zoho zero-day since the month…

A Critical Zoho ManageEngine Desktop Central and Desktop Central MSP Vulnerability Is Exploited by an APT Actor

Zoho ManageEngine Desktop Central is a popular management tool that administrators use for automatic software distribution and remote troubleshooting across the whole network. What Happened? An authentication bypass vulnerability in…

The In-house Zoho ServiceDesk Exploit Used to Drop Webshells

You may recall that we reported a while ago that state-backed advanced persistent threat (APT) organizations had been actively exploiting a significant hole in a Zoho single sign-on and password…

Patched Zoho Vulnerability Is Being Exploited by Hackers

Cyberattacks go on, this time threat actors focusing on a Zoho vulnerability, a critical flaw that has been recently patched. The bug under discussion was dubbed CVE-2021-40539 and could be…