Remote code execution attacks on WhatsUp Gold exploited the Active Monitor PowerShell Script beginning August 30, leveraging vulnerabilities CVE-2024-6670 and CVE-2024-6671. Despite patches released on August 16, delayed application by some organizations led to immediate incidents following the PoC’s publication. The attackers exploited NmPoller.exe to run PowerShell scripts and install remote access tools. To prevent … Continue reading Hackers Actively Exploiting Dangerous WhatsUp RCE Vulnerability