Barracuda ESG zero-day exploited since October 2022 by UNC4841 (China-nexus APT) in mass campaign against government and defense organizations. Barracuda recommended REPLACING physical appliances — patch was insufficient. This is an extremely severe supply-chain-adjacent attack.
Barracuda Email Security Gateway (ESG) appliance had a remote code execution vulnerability due to incomplete input validation of file names in TAR archive attachments.
Supernova subscribers receive AI-triaged CVE alerts the moment they're published — before the PoC drops.
Start Supernova — $99/mo →