Skip to content
You can now search across every topic, entity and event.What's new
Timeline

CVE-2023-50224

TP-Link WR841N router vulnerability exploited by APT28 to rewrite DNS settings and steal Microsoft 365 credentials.

13 of 13 entries (13 events, 0 interactions)

Filters
#78 Jun

Enabled unauthenticated VPN session establishment via IKEv1 logic flaw

Cybersecurity: Threats and Defences: VPN zero-day open a month pre-patch
#63 Jun

Exploited in the wild against Magento stores before the federal deadline

Cybersecurity: Threats and Defences: Magento RCE forces 9-day patch race
#62 Jun

Exploited to break out of Linux containers and reach root on host systems

Cybersecurity: Threats and Defences: Old Linux container bug back in the wild
#415 May

Exchange repeats the CISA deadline-before-patch trap

Cybersecurity: Threats and Defences
#413 May
#411 May

UNC6780 takes Cisco AI Defense source code

Cybersecurity: Threats and Defences
#37 May

Added to KEV on 7 May with 10 May deadline, confirmed limited exploitation in the wild

Cybersecurity: Threats and Defences: Ivanti EPMM logs fourth KEV zero-day since 2023
#330 Apr

Disclosed by WatchTowr Labs and added to KEV on 30 April with 3 May deadline

Cybersecurity: Threats and Defences: cPanel zero-day ran 65 days before patch; Sorry ransomware active
#224 Apr
#224 Apr
#17 Apr

Enabled APT28 to extract router credentials and modify DNS settings on TP-Link WR841N devices

Cybersecurity: Threats and Defences: GRU hijacks home routers for M365 logins
#128 Mar

F5 reclassifies DoS bug to 9.8 RCE

Cybersecurity: Threats and Defences