The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three vulnerabilities to the Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. These include CVE-2023-1389, a command injection vulnerability in TP-Link Archer AX-21 routers exploited by Mirai botnets since April 11, 2023; CVE-2021-45046, a remote code execution vulnerability in Apache Log4j2 with 74 unique IP addresses attempting to exploit it in the past 30 days; and CVE-2023-21839, an unspecified vulnerability in Oracle WebLogic Server patched in January 2023. Federal Civilian Executive Branch agencies must apply vendor-provided fixes by May 22, 2023 in order to protect their networks against these active threats.
Source: Hackernews
To mitigate these potential threats, it is important to implement additional cybersecurity measures with the help of a trusted partner like INFRA www.infrascan.net or you can try your self using check.website.