Several hacker groups, including those supposedly supported by official Beijing, exploited a vulnerability in one of the apps discovered 4 years ago in order to access the US government's resources, according to US authorities.
Gerd Altmann/ pixabay.com (source)
The Telerik tool, designed to build web applications, was first installed on an internet-accessible server of a certain American federal agency related to the executive branch in 2020 and 2021. The Telerik vulnerability is named CVE-2019-18935 and has a rating of 9.8 (critical), one of the most frequently exploited vulnerabilities.
The attackers managed to "successfully execute remote code" on the department's web server and open access to its internal resources, according to the US Cybersecurity and Infrastructure Protection Agency (CISA). The same vulnerability, according to the agency, was exploited by several hacker groups from November 2022 to January 2023.
If you notice an error, click the mouse on it and press CTRL + ENTER.