SecurityWeek

Adobe ColdFusion Servers Targeted in Coordinated Campaign

GreyNoise says a recently observed Adobe ColdFusion exploitation campaign is linked to a massive initial access broker operation.
Bleeping Computer

CISA warns of Adobe ColdFusion bug exploited as a zero-day

CISA has added a critical vulnerability impacting Adobe ColdFusion versions 2021 and 2018 to its catalog of security bugs exploited in the wild. This critical arbitrary code execution flaw ...
Bleeping Computer

Critical code execution vulnerability fixed in Adobe ColdFusion

Adobe has released out-of-band security updates to address a critical vulnerability impacting ColdFusion versions 2021, 2016, and 2018. Today's emergency updates patch an arbitrary code execution ...

Patch now! Attacks on Adobe ColdFusion and Fortinet firewalls observed

Currently, attackers are targeting a five-year-old vulnerability in Fortinet firewalls. The vulnerabilities in ColdFusion are ...
Threat Post

Adobe Beefs Up Security in ColdFusion 11

Adobe is calling out a number of security enhancements built into ColdFusion 11, including new OWASP tools, profile controls and crypto upgrades to existing APIs. Suffice it to say, the security of ...