SecurityWeek reports that SAP systems have been subjected to a 400% increase in ransomware attacks during the last three years, while hacker forum conversations regarding SAP vulnerabilities and SAP-specific cloud and web services rose by 490% and 220%, respectively, over the same period.
Attacks exploiting a critical SQL injection vulnerability impacting Fortinet FortiClient EMS devices, tracked as CVE-2023-48788, have been launched to facilitate the deployment of the ScreenConnect software and Metasploit Powerfun script as part of a new campaign, The Hacker News reports.
BleepingComputer reports that vulnerable TP-Link Archer AX21 routers impacted by the year-old high-severity unauthenticated command injection flaw, tracked as CVE-2023-1389, have been targeted by at least six botnets.
Security updates have been issued by Ivanti to address 27 issues impacting its Avalanche mobile device management solution, according to BleepingComputer.