JD Supra

Adobe Issues Patches for ColdFusion “High Severity” Vulnerability

Adobe recently issued a patch for a high-severity vulnerability for ColdFusion versions 2023.11 and 2021.17 and earlier; according to the National Institute of Standards and Technology (NIST), “an ...
Ars Technica

Exploited 0-days, an incomplete fix, and a botched disclosure: Infosec snafu reigns

Organizations big and small are once again scrambling to patch critical vulnerabilities that are already under active exploitation and cause the kind of breaches coveted by ransomware actors and ...
PC World

Attackers exploited ColdFusion vulnerability to install Microsoft IIS malware

Attackers exploited a vulnerability in Adobe ColdFusion to install data-stealing malware that works as a module for Microsoft’s Internet Information Services (IIS) Web server software. Researchers ...
CSOonline

Attackers breach US government agencies through ColdFusion flaw

In a new advisory that shows why it’s critical to keep Adobe ColdFusion deployments up to date, the US Cybersecurity and Infrastructure Security Agency (CISA) warns that two federal agencies were ...