Close Menu

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    What's Hot

    Hillary Clinton Delivers A Damning Verdict On Trump’s Latest Controversies

    July 1, 2026

    Could GLP-1 Drugs Help You Live Longer?

    July 1, 2026

    Campaign optimization strategies that actually work in 2026

    July 1, 2026
    Facebook X (Twitter) Instagram
    Trending
    • Hillary Clinton Delivers A Damning Verdict On Trump’s Latest Controversies
    • Could GLP-1 Drugs Help You Live Longer?
    • Campaign optimization strategies that actually work in 2026
    • Hyring – Company Profile – AllBusiness.com
    • Vivek Sudanthirapandian new GM at Courtyard Kochi Infopark
    • AAVE Price Prediction: Bulls Eye $110 But the $92–96 Gauntlet Will Make or Break the Move
    • Live Updates: Supreme Court Allows States to Bar Transgender Athletes From Girls’ Sports
    • Comcast Plans To Split Into 2 Public Companies By Spinning Off NBCUniversal And Sky
    Facebook X (Twitter)
    SBM Global News
    Demo
    • Home
    • Top Stories
      • Politics
    • Business
      • Small Business
      • Marketing
    • Finance
      • Investment
    • Technology

      Hyring – Company Profile – AllBusiness.com

      July 1, 2026
      Read More

      Vibe coding platform Base44 launches own model as AI startups seek defensibility

      June 30, 2026
      Read More

      Providus – Company Profile – AllBusiness.com

      June 29, 2026
      Read More

      Why Wall Street thinks US memory maker Micron is the next Nvidia

      June 29, 2026
      Read More

      Trump Admin releases Anthropic Mythos to be used by more than 100 US companies, agencies

      June 27, 2026
      Read More
    • Lifestyle
      • Travel
    • Feel Good
    • Get In Touch
    SBM Global News
    Demo
    Home»Technology»PaperCut says hackers are exploiting ‘critical’ security flaws in unpatched servers
    Technology

    PaperCut says hackers are exploiting ‘critical’ security flaws in unpatched servers

    By Staff WriterApril 26, 20233 Mins Read
    Facebook Twitter LinkedIn Reddit Email
    Share
    Facebook Twitter LinkedIn Pinterest Email

    Print management software maker PaperCut says attackers are exploiting a critical-rated security vulnerability to gain access to unpatched servers on customer networks.

    PaperCut offers two print management products, PaperCut NG and PaperCut MF, used by local governments, large enterprises, and healthcare and education institutions. PaperCut’s website says it has over 100 million users from more than 70,000 organizations worldwide.

    In an advisory last week, PaperCut said that a critical vulnerability it patched earlier in March was under active attack against machines that had yet to install the security update. The vulnerability, tracked as CVE-2023-27350, is scored 9.8 out of a possible 10 in vulnerability severity as it could allow an unauthenticated attacker to remotely execute malicious code on a server without needing credentials.

    PaperCut also sounded the alarm about a separate but similar flaw in its software, tracked as CVE-2023-27351 with a vulnerability severity rating of 8.2 out of 10. The bug allows hackers to extract information about users stored within a customer’s PaperCut MF and NG servers, including usernames, full names, email addresses, department information, and payment card numbers associated with the accounts.

    “Both of these vulnerabilities have been fixed in PaperCut MF and PaperCut NG versions 20.1.7, 21.2.11 and 22.0.9 and later,” the company said. “We highly recommend upgrading to one of these versions containing the fix.

    Since PaperCut’s confirmation of in-the-wild attacks, cybersecurity company Huntress said it observed hackers exploiting the vulnerabilities to plant legitimate remote management software — Atera and Syncro — to backdoor unpatched servers. Huntress said it has detected about 1,800 internet-exposed PaperCut servers.

    Huntress said that the attackers used the remote tools to plant malware known as Truebot, which is often used by the Russia-backed Clop gang before it deploys ransomware. Clop is also believed to have used TrueBot as part of its mass-hack targeting customers of Fortra’s GoAnywhere file transfer tool.

    “While the ultimate goal of the current activity leveraging PaperCut’s software is unknown, these links (albeit somewhat circumstantial) to a known ransomware entity are concerning,” Huntress wrote. “Potentially, the access gained through PaperCut exploitation could be used as a foothold leading to follow-on movement within the victim network, and ultimately ransomware deployment.”

    Huntress said it created an unreleased proof-of-concept exploit to evaluate the threat posed by the two vulnerabilities. On Monday, researchers with automated pentesting firm Horizon3 released its own proof-of-concept exploit code for the 9.8-rated vulnerability.

    CISA added the highest-severity CVE-2023-27350 flaw to its list of actively exploited vulnerabilities on Friday, ordering federal agencies to secure their systems against ongoing exploitation within three weeks by May 12.

    3CX blames North Korea for supply chain mass-hack

    PaperCut says hackers are exploiting ‘critical’ security flaws in unpatched servers by Carly Page originally published on TechCrunch

    Originally published at techcrunch.com

    devices gadgets notebooks phones tablets technology
    Share. Facebook Twitter LinkedIn Email Reddit
    Previous ArticleYelp rolls out AI-powered search updates and the ability to add videos to reviews
    Next Article Russian Lawyers Challenge Censorship Law, in Rare Display of Dissent

    Related Posts

    Hyring – Company Profile – AllBusiness.com

    July 1, 2026
    Read More

    Vibe coding platform Base44 launches own model as AI startups seek defensibility

    June 30, 2026
    Read More

    Providus – Company Profile – AllBusiness.com

    June 29, 2026
    Read More
    Add A Comment

    Leave A Reply Cancel Reply

    Demo
    Top Posts

    Former FBI, CIA Head Has ‘Serious Concerns’ With Trump Cabinet Picks

    December 28, 2024435

    Emirates to operate next-gen A350 on the third daily service to Cape Town

    January 14, 2026256

    AAVE Price Prediction: Target $215-225 by Mid-January 2025 as Technical Indicators Signal Bullish Momentum

    December 15, 2025240

    Ventive Hospitality Joins Green Fins: Strong ESG Lift

    February 17, 2026211
    Don't Miss
    Politics

    Hillary Clinton Delivers A Damning Verdict On Trump’s Latest Controversies

    By Staff WriterJuly 1, 20262 Mins Read

    Hillary Clinton waded into two of Donald Trump’s latest controversies on Tuesday with a damning…

    Read More

    Could GLP-1 Drugs Help You Live Longer?

    July 1, 2026

    Campaign optimization strategies that actually work in 2026

    July 1, 2026

    Hyring – Company Profile – AllBusiness.com

    July 1, 2026
    Stay In Touch
    • Facebook
    • Twitter
    Demo
    About Us

    Small Business Minder brings together business and related news from around the world in one place. Follow us for all the business news you'll need.

    Facebook X (Twitter)
    Our Picks

    Hillary Clinton Delivers A Damning Verdict On Trump’s Latest Controversies

    July 1, 2026

    Could GLP-1 Drugs Help You Live Longer?

    July 1, 2026
    Most Popular

    Former FBI, CIA Head Has ‘Serious Concerns’ With Trump Cabinet Picks

    December 28, 2024435

    Emirates to operate next-gen A350 on the third daily service to Cape Town

    January 14, 2026256
    © 2026 Small Business Minder
    • Home
    • Get In Touch

    Type above and press Enter to search. Press Esc to cancel.

    Ad Blocker Enabled!
    Ad Blocker Enabled!
    Our website is made possible by displaying online advertisements to our visitors. To get the most from our site, please disable your Ad Blocker.