For individuals

Vulnerable Apache RocketMQ instances impacted by the critical remote code execution bug, tracked as CVE-2023-33246, are being targeted by the Muhstik botnet to facilitate more expansive distributed denial-of-service and cryptocurrency mining intrusions, reports The Hacker News.

Ongoing intrusions exploiting a pair of old remote code execution flaws in the widely used open-source web app framework ThinkPHP, tracked as CVE-2018-20062 and CVE-2019-9082, have been conducted by Chinese hackers since April, following a similar attack campaign launched in October, according to SecurityWeek.

Attacks leveraging breached VPN credentials have been deployed by the new Fog ransomware operation against organizations in the U.S. education sector since early last month, BleepingComputer reports.

Establishing a clear process for developers to respond to critical CVEs is essential for having a rapid and coordinated response.

Each insider threat incident averages a $15 million loss, so teams really need to rethink their plans to mitigate these threats.