Aniket Kapoor

All posts by Aniket Kapoor

Aniket is a Cybersecurity Analyst at Barracuda MSP. He's a security expert, working on our Blue Team within our Security Operations Center. Aniket supports our XDR service delivery and is highly skilled at analyzing security events to detect cyber threats, helping keep our partners and their customers protected.

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Warlock (Storm-2603) exploits SmarterMail vulnerability

SmarterTools has confirmed that the Warlock ransomware group (Storm‑2603) breached its environment by exploiting an unpatched SmarterMail instance. Current intelligence indicates the same SmarterMail vulnerability is being actively used in the wild to gain initial access and deploy Warlock ransomware....

February 12, 2026
Cybersecurity Threat Advisory: Compromised OpenVSX delivering GlassWorm malware

A new GlassWorm malware campaign is targeting macOS developer systems through compromised OpenVSX extensions. Continue reading this Cybersecurity Threat Advisory to learn more about this threat and how to protect your environment. What is the threat? A threat actor gained...

February 5, 2026
Cybersecurity Threat Advisory: FreePBX critical vulnerabilities

Several vulnerabilities in the FreePBX platform have been disclosed and patched, including a critical authentication bypass and flaws enabling SQL injection and arbitrary file upload. Read this Cybersecurity Threat Advisory for an analysis, remediation steps, and detection guidance. What is...

December 17, 2025
Cybersecurity Threat Advisory: Cisco and Citrix zero-day exploits

An advanced threat actor is exploiting two previously disclosed zero-day vulnerabilities in Cisco Identity Services Engine (ISE) and Citrix NetScaler ADC to deploy custom malware and maintain persistence on targeted networks. Reports indicate the attacker is chaining appliance exploits to...

November 17, 2025
Cybersecurity Threat Advisory: Critical vulnerability in Dell UnityVSA

Cybersecurity researchers at WatchTowr have disclosed a critical vulnerability in Dell UnityVSA (and related Unity platforms) tracked as CVE-2025-36604. The flaw allows an attacker with no authentication to issue arbitrary OS commands on vulnerable appliances by abusing the login redirection...

October 9, 2025
Cybersecurity Threat Advisory: VMware zero-day vulnerability exploited

Threat actors have actively exploited a zero-day vulnerability in Broadcom VMware Tools and VMware Aria Operations (CVE-2025-41244) in the wild. The China-linked group UNC5174 (aka Uteus/Uetus) has exploited the flaw for privilege escalation in VMware-targeted attacks. Continue reading this edition...

October 1, 2025
Cybersecurity Threat Advisory: Fortinet authentication vulnerability

A critical Fortinet authentication bypass vulnerability, CVE-2024-55591, is actively exploited in the wild. This vulnerability impacts FortiOS and FortiProxy, with a CVSS score of 9.6. Continue reading this Cybersecurity Threat Advisory to learn the necessary steps to protect your environment....

January 27, 2025
Cybersecurity Threat Advisory: Critical update for Juniper Networks routers

A high-severity vulnerability in Juniper Networks, known as CVE-2024-2973, has been exploited. The flaw affects some of its router products, and users need to address it early enough to avoid exploitation. Review this Cybersecurity Threat Advisory in full to...

July 3, 2024
Cybersecurity Threat Advisory: Atlassian Confluence RCE vulnerability

A new high-severity remote code execution (RCE) vulnerability known as CVE-2024-21683 has been discovered in Atlassian’s Confluence Data Center and Server. This vulnerability permits an attacker with an account on the service to gain server control. Review this Cybersecurity Threat...

June 18, 2024
Cybersecurity Threat Advisory: RedTail exploits PAN-OS vulnerability

Palo Alto Networks has recently disclosed a critical zero-day vulnerability, CVE-2024-3400, within its PAN-OS operating system. The flaw, found in the GlobalProtect Gateway, is currently under active exploitation. Additionally, the threat actors behind RedTail cryptocurrency mining malware have added this...

June 6, 2024