Bleeping Computer

Zoho urges admins to patch severe ManageEngine bug immediately

Business software provider Zoho has urged customers to patch a high-severity security flaw affecting multiple ManageEngine products. The bug, tracked as CVE-2022-47523, is an SQL injection ...
TMCnet

New ManageEngine Study Signals a Turning Point for Enterprise Identity Security Strategy in 2026

ManageEngine, a division of Zoho Corporation and a leading provider of enterprise IT management solutions, today released its Identity Security Outlook 2026 report. The report offers a forward-looking ...
Bleeping Computer

Zoho: Patch new ManageEngine bug exploited in attacks ASAP

Business software provider Zoho urged customers today to update their Desktop Central and Desktop Central MSP installations to the latest available version. Zoho's ManageEngine Desktop Central is a ...
Threat Post

FBI: Another Zoho ManageEngine Zero-Day Under Active Attack

APT attackers are using a security vulnerability in ManageEngine Desktop Central to take over servers, deliver malware and establish network persistence. Another Zoho ManageEngine zero-day ...
Threat Post

Zoho ManageEngine Password Manager Zero-Day Gets a Fix, Amid Attacks

An authentication bypass vulnerability in the ManageEngine ADSelfService Plus platform leading to remote code execution offers up the keys to the corporate kingdom. A critical security vulnerability ...
Dark Reading

CISA: Zoho ManageEngine RCE Bug Is Under Active Exploit

The US Cybersecurity and Infrastructure Security Agency (CISA) is warning that a critical Zoho ManageEngine remote code execution (RCE) flaw, first disclosed in June, is now under active attack.
CSOonline

Attackers exploiting critical flaw in many Zoho ManageEngine products

Users of on-premises deployments of Zoho ManageEngine products should make sure they have patches applied for a critical remote code execution vulnerability that attackers have now started exploiting ...
CSOonline

Zoho ManageEngine flaw is actively exploited, CISA warns

Threat actors are exploiting unpatched ManageEngine instances. CISA adds the vulnerability to its catalog and Zoho urges customers to check their deployments. A remote code execution vulnerability in ...
Business Wire

Zoho/ManageEngine Named as a Major Player in IDC MarketScape Report on Enterprise Mobility Management

PLEASANTON, Calif.--(BUSINESS WIRE)--Zoho/ManageEngine has been positioned as a Major Player in the IDC MarketScape: Worldwide Enterprise Mobility Management (EMM ...
Ars Technica

A world of hurt for Fortinet and ManageEngine after users fail to install patches

Organizations around the world are once again learning the risks of not installing security updates as multiple threat actors race to exploit two recently patched vulnerabilities that allow them to ...
Homeland Security Today

APT Actors Exploiting CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus

Successful exploitation of the vulnerability allows an attacker to upload executable files and place webshells, which enable the adversary to conduct post-exploitation activities. This joint advisory ...