Bleeping Computer

CISA warns of Adobe ColdFusion bug exploited as a zero-day

CISA has added a critical vulnerability impacting Adobe ColdFusion versions 2021 and 2018 to its catalog of security bugs exploited in the wild. This critical arbitrary code execution flaw ...
ZDNet

Adobe releases out-of-band update to patch ColdFusion zero-day

Adobe has released today an emergency out-of-band update for its ColdFusion development platform that patches a zero-day vulnerability that was being exploited in the wild. In its security bulletin ...
Ars Technica

ColdFusion hack used to steal hosting provider’s customer data

A vulnerability in the ColdFusion Web server platform, reported by Adobe less than a week ago, has apparently been in the wild for almost a month and has allowed the hacking of at least one company ...
PC World

Attackers exploited ColdFusion vulnerability to install Microsoft IIS malware

Attackers exploited a vulnerability in Adobe ColdFusion to install data-stealing malware that works as a module for Microsoft’s Internet Information Services (IIS) Web server software. Researchers ...