Threat & Research Team Blog
![Active Exploitation of Critical Security Flaws in F5's BIG-IP Software [ CVE-2023-46747]](https://images.squarespace-cdn.com/content/v1/6059ef5d59f1411908292205/1701065713843-PT3CBV8I7KWPRVLSNOH6/Copy+of+Add+a+heading%281%29.png)
Active Exploitation of Critical Security Flaws in F5's BIG-IP Software [ CVE-2023-46747]
This vulnerability may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands. There is no data plane exposure; this is a control plane issue only.
New research uncovers the most targeted and vulnerable assets are OT and Medical Devices
A recent study conducted by a security company has uncovered medical devices are most vulnerable to unpatched CVEs, and that operational technology assets face the highest number of cyber attacks.
Threat to Traders: WinRAR Zero-Day Vulnerability Exploited (CVE-2023-38831)
Hackers are exploiting a previously unknown flaw in WinRAR, a trusted software commonly used for file storage on Windows-based systems. This vulnerability allows them to target traders and steal their digital funds.
