News

CSO Online7h

Sitecore zero-day configuration flaw under active exploitation

Attackers are leveraging a sample machine key in Sitecore products for initial access before ViewState code injections lead ...

Hackers exploited Sitecore zero-day flaw to deploy backdoors

Threat actors have been exploiting a zero-day vulnerability in legacy Sitecore deployments to deploy WeepSteel reconnaissance ...
SecurityWeek20h

Hackers Exploit Sitecore Zero-Day for Malware Delivery

An ASP.NET feature, ViewState stores the state of a webpage in a hidden HTML field, for persistence. Attackers can target the ...
The Register on MSN6h

Attackers snooping around Sitecore, dropping malware via public sample keys

You cut and pasted the machine key from the official documentation? Ouch Unknown miscreants are exploiting a configuration ...
HealthcareInfoSecurity10h

Attackers Exploit Sitecore Zero Day

Attackers exploited a now-patched zero-day vulnerability in a popular content management system that powers websites for ...
Infosecurity Magazine16h

CMS Provider Sitecore Patches Exploited Critical Zero Day

Google Cloud’s Mandiant successfully disrupted an active ViewState deserialization attack affecting Sitecore deployments ...
InfoWorld2y

How to use response compression in ASP.NET Core - InfoWorld

Take advantage of response compression middleware in ASP.NET Core to reduce bandwidth requirements and improve the responsiveness of your apps.