A vulnerability in the “monlist” feature of ntpd can allow remote attackers to cause distributed denial of service attack (DDoS) via forged requests. US-CERT and the Canadian Cyber Incident Response Center (CCIRC) have both observed active use of this attack vector in recent DDoS attacks.
US-CERT encourages users and administrators to review the CCIRC document as well as US-CERT Vulnerability Note VU#348126 for more information.
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-41940 WebPros…
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2024-1708 ConnectWise ScreenConnect Path…