Rapid7: threat actors have exploited zero-day RCE flaws in Adobe ColdFusion and Citrix NetScaler; Citrix patched its flaw but Adobe issued an incomplete fix (Dan Goodin/Ars Technica)

https://ift.tt/gnRmoLJ

Dan Goodin / Ars Technica:
Rapid7: threat actors have exploited zero-day RCE flaws in Adobe ColdFusion and Citrix NetScaler; Citrix patched its flaw but Adobe issued an incomplete fix  —  The exploited code-execution flaws are the kind coveted by ransomware and nation-state hackers.  —  Organizations big and small …

from Techmeme https://ift.tt/lyghuDq