Tag: Cybersecurity Threat Advisory

Threat actors are actively targeting Wazuh servers running software version 4.4.0 by exploiting a vulnerability that enables them to install Mirai botnets. These botnets facilitate distributed denial of service (DDoS) attacks against victims and execute malicious payloads on the compromised...

Leavar Michel / June 12, 2025

Cybersecurity Threat Advisory: Critical Fortinet vulnerability exploited by Qilin ransomware

Featured Security

Cybersecurity Threat Advisory: Critical Fortinet vulnerability exploited by Qilin ransomware

The Qilin ransomware group is exploiting two critical Fortinet vulnerabilities that allow attackers to bypass authentication and execute remote code on vulnerable systems. Read this Cybersecurity Threat Advisory to discover the tactics used and the best practices you can implement...

Mandeep Gujral / June 11, 2025

Cybersecurity Threat Advisory: Critical Cisco ISE vulnerability

Featured Security

Cybersecurity Threat Advisory: Critical Cisco ISE vulnerability

The Cisco Identity Services Engine (ISE) has a critical vulnerability, CVE-2025-20286, with a CVSS score of 9.9 out of 10. If successfully exploited, threat actors can gain privileged access without authentication and perform unauthorized operations on vulnerable systems. Read this...

Vincent Yu / June 6, 2025

Cybersecurity Threat Advisory: Google Chrome zero-day vulnerability

Featured Security

Cybersecurity Threat Advisory: Google Chrome zero-day vulnerability

Google has issued a security update for Chrome desktop to address CVE-2025-5419, which has a CVSS score of 8.8. It is a critical zero-day flaw in the V8 JavaScript engine that is actively exploited by attackers. Continue to read this...

Mandeep Gujral / June 5, 2025

Cybersecurity Threat Advisory: Fortinet authentication bypass vulnerability

Featured Security

Cybersecurity Threat Advisory: Fortinet authentication bypass vulnerability

A critical vulnerability was identified in Fortinet’s FortiProxy, FortiSwitchManager, and FortiOS products. This vulnerability, CVE-2025-22252, enables an attacker who possess knowledge of an existing administrative account to bypass authentication and gain unauthorized access to the device as a valid administrator....

Darshit Kothari / June 4, 2025

Cybersecurity Threat Advisory: ViciousTrap exploiting Cisco vulnerability

Featured Security

Cybersecurity Threat Advisory: ViciousTrap exploiting Cisco vulnerability

Researchers have identified a new threat actor, “ViciousTrap”, actively exploiting a well-known vulnerability (CVE-2023-20118) to compromise over 5,300 Cisco Edge devices. The attackers are exploiting this flaw to establish a global honeypot network, posing a significant risk to the affected...

Asaad Shaikh / May 28, 2025

Cybersecurity Threat Advisory: AWS default IAM roles risks

Featured Security

Cybersecurity Threat Advisory: AWS default IAM roles risks

Cybersecurity researchers have uncovered critical vulnerabilities arising from default Identity and Access Management (IAM) roles in Amazon Web Services (AWS). Service setups often create these roles automatically or recommend them, granting excessive permissions that expose environments to privilege escalation and...

Stacey Landrum / May 21, 2025

Cybersecurity Threat Advisory: Ivanti EPMM vulnerability

Featured Security

Cybersecurity Threat Advisory: Ivanti EPMM vulnerability

Ivanti has released updates for Endpoint Manager Mobile (EPMM) that address one medium and one high-severity vulnerability. When chained together, these vulnerabilities can enable unauthenticated remote code execution (RCE). Review the details in this Cybersecurity Threat Advisory for information on...

Darshit Kothari / May 21, 2025

Cybersecurity Threat Advisory: SAP critical vulnerabilities

Featured Security

Cybersecurity Threat Advisory: SAP critical vulnerabilities

SAP has released patches to address a second vulnerability, CVE-2025-42999, affecting its SAP NetWeaver tool. The vulnerability involves a privilege escalation issue that, when chained with SAP’s CVE-2025-31324 vulnerability (unauthenticated file upload flaw in SAP NetWeaver Visual Composer), can enable...

Vincent Yu / May 16, 2025

Cybersecurity Threat Advisory: Critical zero-day vulnerability in Fortinet

Featured Security

Cybersecurity Threat Advisory: Critical zero-day vulnerability in Fortinet

A critical zero-day vulnerability affecting several Fortinet products, most notably FortiVoice enterprise phone systems, has recently been patched. Attackers are actively exploiting CVE-2025-32756 in the wild. Read the details of this Cybersecurity Threat Advisory to learn how to keep your...

Stacey Landrum / May 15, 2025

Categories

Tags

Archives

Tag: Cybersecurity Threat Advisory

Cybersecurity Threat Advisory: Wazuh servers targeted to launch Mirai attacks

Cybersecurity Threat Advisory: Critical Fortinet vulnerability exploited by Qilin ransomware

Cybersecurity Threat Advisory: Critical Cisco ISE vulnerability

Cybersecurity Threat Advisory: Google Chrome zero-day vulnerability

Cybersecurity Threat Advisory: Fortinet authentication bypass vulnerability

Cybersecurity Threat Advisory: ViciousTrap exploiting Cisco vulnerability

Cybersecurity Threat Advisory: AWS default IAM roles risks

Cybersecurity Threat Advisory: Ivanti EPMM vulnerability

Cybersecurity Threat Advisory: SAP critical vulnerabilities

Cybersecurity Threat Advisory: Critical zero-day vulnerability in Fortinet