ThreatCluster
  • Feed
  • Saved
THREAT HUNTING
  • Domains
  • IP Addresses
  • File Hashes
  • CVEs
THREAT INTELLIGENCE
  • APT Groups
  • Ransomware Groups
  • Malware Families
  • Attack Types
  • MITRE ATT&CK
  • Security Standards
  • Vulnerability Types
BUSINESS INTELLIGENCE
  • Companies
  • Industry Sectors
  • Security Vendors
  • Government Agencies
  • Countries
  • Platforms
Home / Feed / Article

NextGen Healthcare Mirth Connect RCE

Threat Score:
55
FortiGuard Threat Signal
1 day ago

Overview

Threat Signal Report NextGen Healthcare Mirth Connect RCE Description What is the vulnerability? NextGen Healthcare Mirth Connect is vulnerable to unauthenticated remote code execution (CVE-2023-43208) caused due to an incomplete patch of a Command Injection flaw (CVE-2023-37679). Mirth Connect is an open-source data integration platform widely used by healthcare companies.It enables the management of information using bi-directional sending of many types of messages.Attackers could exploit this...

Continue Reading on Original Site

Related Articles

5 articles
1

Soco404 and Koske Malware Target Cloud Services with Cross-Platform Cryptomining Attacks

The Hacker News • 3 hours ago

Threat hunters have disclosed two different malware campaigns that have targeted vulnerabilities and misconfigurations across cloud environments to deliver cryptocurrency miners. The threat activity clusters have been codenamedSoco404andKoskeby cloud security firms Wiz and Aqua, respectively. Soco404 "targets both Linux and Windows systems, deploying platform-specific malware," Wiz researchers Maor Dokhanian, Shahar Dorfman, and Avigayil Mechtingersaid. "They use process masquerading to disguise

Score
81
Read more
2

Malicious Android Apps Mimic as Popular Indian Banking Apps Steal Login Credentials

Cybersecurity News • 4 hours ago

Attackers are weaponizing India’s appetite for mobile banking by circulating counterfeit Android apps that mimic the interfaces and icons of public-sector and private banks. Surfacing in telemetry logs on 3 April 2025, the impostors travel through smishing texts, QR codes and -engine poisoning, tricking users into sideloading the packages. During the initial execution window, a […]

Score
81
Read more
3

Mitel Patches Critical Flaw in Enterprise Communication Platform

SecurityWeek • 1 hour ago

An authentication bypass vulnerability in Mitel MiVoice MX-ONE could allow attackers to access user or admin accounts on the system.

Score
80
Read more
4

Phishing Attack Spoofs Facebook Login Page to Capture Credentials

GB Hackers • 1 hour ago

Phishing Attack Spoofs Login Page to Capture Credentials Cybercriminals are using a variety of dishonest tactics in a sophisticated phishing effort aimed at users in order to obtain login information. The attack begins with a malicious redirect that leads victims to a fraudulent website mimicking legitimate interfaces. Here, users encounter a fake CAPTCHA prompt designed to appear as a standard security verification step. Upon interacting with this prompt, the site deploys a Browser-in-the-Brows

Score
79
Read more
5

Sophisticated Koske Linux Malware Developed With AI Aid

SecurityWeek • 1 hour ago

The Koske Linux malware shows how cybercriminals can use AI for payload development, persistence, and adaptivity.

Score
79
Read more

Save to Folder

Choose a folder to save this article:

Article Intelligence

Key entities and indicators for this article

CVES
CVE-2023-37679
CVE-2023-43208
DOMAINS
NextGen.Healthcare
companies.It
AGENCIES
CISA
COMPANIES
GitHub
INDUSTRIES
Healthcare
ATTACK TYPES
Remote Code Execution
VULNERABILITIES
Command Injection
RCE
Remote Code Execution
DOMAINS
companies.It
NextGen.Healthcare
ARTICLE INFORMATION
Article #4550
Published 1 day ago
FortiGuard Threat Signal