Struts2 devmode Still a Problem Ten Years Later<br/>
<a href="https://isc.sans.edu/forums/diary/Struts%20%22devmode%22%3A%20Still%20a%20problem%20ten%20years%20later%3F/30866/">https://isc.sans.edu/forums/diary/Struts%20%22devmode%22%3A%20Still%20a%20problem%20ten%20years%20later%3F/30866/</a><br/>
Analyzing Forest Blizard's Custom Post-Compromise Tool for exploiting CVE-2022-38028<br/>
<a href="https://www.microsoft.com/en-us/security/blog/2024/04/22/analyzing-forest-blizzards-custom-post-compromise-tool-for-exploiting-cve-2022-38028-to-obtain-credentials/">https://www.microsoft.com/en-us/security/blog/2024/04/22/analyzing-forest-blizzards-custom-post-compromise-tool-for-exploiting-cve-2022-38028-to-obtain-credentials/</a><br/>
April 2024 Exchange Server Hotfix Update<br/>
<a href="https://techcommunity.microsoft.com/t5/exchange-team-blog/released-april-2024-exchange-server-hotfix-updates/ba-p/4120536">https://techcommunity.microsoft.com/t5/exchange-team-blog/released-april-2024-exchange-server-hotfix-updates/ba-p/4120536</a><br/>
CVE-2024-2389: Command Injection Vulnerability in Progress Flowmon<br/>
<a href="https://rhinosecuritylabs.com/research/cve-2024-2389-in-progress-flowmon/">https://rhinosecuritylabs.com/research/cve-2024-2389-in-progress-flowmon/</a><br/>
GuptiMiner: Hijacking Antivirus Updates for Distributing Backdoors and Casual Mining<br/>
<a href="https://decoded.avast.io/janrubin/guptiminer-hijacking-antivirus-updates-for-distributing-backdoors-and-casual-mining/">https://decoded.avast.io/janrubin/guptiminer-hijacking-antivirus-updates-for-distributing-backdoors-and-casual-mining/</a><br/>