Threat Post

Critical ManageEngine Desktop Server Bug Opens Orgs to Malware

Zoho’s comprehensive endpoint-management platform suffers from an authentication-bypass bug (CVE-2021-44757) that could lead to remote code execution. A critical security vulnerability in the Zoho ...
CSOonline

Critical flaw in ManageEngine Desktop Central MSP tool exploited in the wild

Each of two flaws allow attackers to bypass authentication, leaving customers of MSPs that use ManageEngine at risk. Patches are available. Hackers are exploiting a critical authentication bypass ...
Threat Post

FBI: Another Zoho ManageEngine Zero-Day Under Active Attack

APT attackers are using a security vulnerability in ManageEngine Desktop Central to take over servers, deliver malware and establish network persistence. Another Zoho ManageEngine zero-day ...
Bleeping Computer

Zoho: Patch new ManageEngine bug exploited in attacks ASAP

Business software provider Zoho urged customers today to update their Desktop Central and Desktop Central MSP installations to the latest available version. Zoho's ManageEngine Desktop Central is a ...
Dark Reading

Critical ManageEngine ADAudit Plus Vulnerability Allows Network Takeover, Mass Data Exfiltration

A critical vulnerability in Zoho’s widely used compliance tool, ManageEngine ADAudit Plus, which monitors changes to Microsoft Active Directory, leaves endpoints vulnerable to unauthenticated users. A ...