CVE

CVE-2024-57727

2field notes · 0digests

View all posts tagged #cve-2024-57727 →

Field notes

Analysis · May 10, 2026 · The Commentary Desk
Zyxel patched CVE-2024-11667 in September. They named it in November
The fix shipped on September 3, 2024. The CVE assignment came eleven weeks later, after Helldown was already in production networks. The customers who patched on time still got compromised.
Analysis · May 10, 2026 · The Commentary Desk
SimpleHelp CVE-2024-57727: a seven-day patch and a sixteen-month leak
SimpleHelp shipped a fix in seven days from full disclosure. Then they posted it to a forum. Ransomware affiliates have been pulling hashed admin credentials out of unpatched servers ever since.