CSOonline

Critical flaw in ManageEngine Desktop Central MSP tool exploited in the wild

Each of two flaws allow attackers to bypass authentication, leaving customers of MSPs that use ManageEngine at risk. Patches are available. Hackers are exploiting a critical authentication bypass ...
Threat Post

Critical ManageEngine Desktop Server Bug Opens Orgs to Malware

Zoho’s comprehensive endpoint-management platform suffers from an authentication-bypass bug (CVE-2021-44757) that could lead to remote code execution. A critical security vulnerability in the Zoho ...
ZDNet

FBI: Hackers are actively exploiting this flaw on ManageEngine Desktop Central servers

The FBI's cyber division has issued an alert warning enterprises using Zoho-owned ManageEngine's Desktop Central that advanced attackers have been exploiting a flaw to install malware since late ...
Bleeping Computer

Zoho: Patch new ManageEngine bug exploited in attacks ASAP

Business software provider Zoho urged customers today to update their Desktop Central and Desktop Central MSP installations to the latest available version. Zoho's ManageEngine Desktop Central is a ...
Bleeping Computer

FBI: State hackers exploiting new Zoho zero-day since October

The Federal Bureau of Investigation (FBI) says a zero-day vulnerability in Zoho's ManageEngine Desktop Central has been under active exploitation by state-backed hacking groups (also known as APTs or ...
Threat Post

FBI: Another Zoho ManageEngine Zero-Day Under Active Attack

APT attackers are using a security vulnerability in ManageEngine Desktop Central to take over servers, deliver malware and establish network persistence. Another Zoho ManageEngine zero-day ...