The flaw (CVE-2024-24919) could enable attackers to read certain information on Gateways if they are connected to the Internet and enabled with Remote Access VPN or Mobile Access.
A threat actor has been observed exploiting various previously disclosed flaws to gain access to various U.S. governments and research organizations.
Threat actors exploited a critical-severity VMware flaw for almost two years before patches were released in October.
Exploitation has been observed in the wild for a critical flaw in the file transfer server from the MOVEit Transfer maker.
The average time that it takes threat actors to exploit vulnerabilities - either prior to or after their public disclosure - is going down.