CSOonline

Critical flaw in ManageEngine Desktop Central MSP tool exploited in the wild

Each of two flaws allow attackers to bypass authentication, leaving customers of MSPs that use ManageEngine at risk. Patches are available. Hackers are exploiting a critical authentication bypass ...
Threat Post

Critical ManageEngine Desktop Server Bug Opens Orgs to Malware

Zoho’s comprehensive endpoint-management platform suffers from an authentication-bypass bug (CVE-2021-44757) that could lead to remote code execution. A critical security vulnerability in the Zoho ...
Bleeping Computer

Critical ManageEngine RCE bug now exploited to open reverse shells

A critical remote code execution (RCE) vulnerability affecting multiple Zoho ManageEngine products is now being exploited in attacks. The first exploitation attempts were observed by cybersecurity ...
Bleeping Computer

CISA warns of critical ManageEngine RCE bug exploited in attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has added a remote code execution (RCE) affecting most Zoho ManageEngine products to its catalog of bugs known to be exploited in the wild.