Threat Post

Patched ColdFusion Flaw Exposes Applications to Attack

Adobe pushed hotfixes to ColdFusion 11 and 10 installations addressing a XXE vulnerability that can be exploited processing OOXML documents. An Adobe ColdFusion vulnerability addressed Tuesday in a ...
Ars Technica

Exploited 0-days, an incomplete fix, and a botched disclosure: Infosec snafu reigns

Organizations big and small are once again scrambling to patch critical vulnerabilities that are already under active exploitation and cause the kind of breaches coveted by ransomware actors and ...
Threat Post

Adobe Breached, Acrobat and ColdFusion Code Stolen Along with 2.9M Customer Records

Adobe announced it has been breached and attackers may have accessed source code for a number of products, and stolen 2.9 million customer records. Attackers accessed customer IDs, encrypted passwords ...
Bleeping Computer

CISA warns of Adobe ColdFusion bug exploited as a zero-day

CISA has added a critical vulnerability impacting Adobe ColdFusion versions 2021 and 2018 to its catalog of security bugs exploited in the wild. This critical arbitrary code execution flaw ...