Researchers have spotted a second, worldwide campaign exploiting the ManagedEngine SelfServiceAD Plus zero-day: one that’s breached defense, energy and healthcare organizations. A new campaign is ...

Threat actors are exploiting unpatched ManageEngine instances. CISA adds the vulnerability to its catalog and Zoho urges customers to check their deployments. A remote code execution vulnerability in ...

The US Cybersecurity and Infrastructure Security Agency (CISA) is keeping an eye on Zoho, with the agency warning users of a vulnerability in the company’s ManageEngine platform. Zoho is an ...

This joint advisory is the result of analytic efforts between the Federal Bureau of Investigation (FBI), United States Coast Guard Cyber Command (CGCYBER), and the Cybersecurity and Infrastructure ...

The newly identified bug in a Zoho single sign-on and password management tool has been under active attack since early August. The FBI, CISA and the U.S. Coast Guard Cyber Command (CGCYBER) warned ...

CISA is urging users of Zoho's ManageEngine ADSelfService Plus to update their tools, noting that APT actors are actively exploiting a recently discovered vulnerability. Zoho ManageEngine ...

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical severity Java deserialization vulnerability affecting multiple Zoho ManageEngine products to its catalog of bugs ...

A critical remote code execution (RCE) vulnerability affecting multiple Zoho ManageEngine products is now being exploited in attacks. The first exploitation attempts were observed by cybersecurity ...