Cybersecurity Threat Advisory: Critical Linux sudo vulnerability
Security researchers have uncovered a serious vulnerability in sudo, the tool that runs commands with elevated privileges on Linux systems. It is tracked as CVE-2025-32463 and carries a CVSS score of 9.3. This flaw poses a serious risk to Linux...
Cybersecurity Threat Advisory: Severe GoAnywhere MFT vulnerability
Fortra disclosed a critical vulnerability in GoAnywhere Managed File Transfer (MFT), tracked as CVE-2025-10035, with a CVSS score of 10.0. The flaw allows attackers to execute remote code without authentication. Review this Cybersecurity Threat Advisory to keep your systems safe....
Cybersecurity Threat Advisory: Critical FreePBX zero-day vulnerability
Researchers have discovered a zero-day vulnerability in Sangoma FreePBX, identified as CVE-2025-57819. This flaw allows unauthenticated remote attackers to take control of affected PBX systems, potentially resulting in remote code execution (RCE), arbitrary database manipulation, and full system compromise. Review...
Cybersecurity Threat Advisory: Critical SAP NetWeaver vulnerabilities
Researchers have uncovered a chained vulnerability in SAP NetWeaver Visual Composer involving authentication bypass and insecure deserialization. These critical flaws—tracked as CVE-2025-31324 and CVE-2025-42999—are currently being exploited in an active threat campaign targeting exposed Visual Composer servers. Review the details...
Cybersecurity Threat Advisory: Critical NetScaler Gateway vulnerability
A threat campaign is actively exploiting a critical vulnerability, CVE-2025-6543, in Citrix NetScaler ADC and Gateway appliances configured as a Gateway or AAA virtual server. Review this Cybersecurity Threat Advisory for detailed guidance and recommended actions to mitigate your risk....
Cybersecurity Threat Advisory: ViciousTrap exploiting Cisco vulnerability
Researchers have identified a new threat actor, “ViciousTrap”, actively exploiting a well-known vulnerability (CVE-2023-20118) to compromise over 5,300 Cisco Edge devices. The attackers are exploiting this flaw to establish a global honeypot network, posing a significant risk to the affected...
Cybersecurity Threat Advisory: Apple AirPlay zero-day vulnerability
Researchers have discovered a critical vulnerability in Apple’s AirPlay protocol. It affects both Apple devices that support AirPlay as well as third-party devices that interface with it. The flaw can enable an attacker to fully takeover a device without the...
Cybersecurity Threat Advisory: ScreenConnect vulnerability
Researchers have discovered a vulnerability in the ScreenConnect remote support software that upon a successful exploitation, can allow for remote execution on a targeted server. Continue reading this Cybersecurity Threat Advisory to learn how to keep your environment safe. What...
Cybersecurity Threat Advisory: Critical RCE flaw in Apache Roller blog server
Researchers have discovered a critical session management vulnerability within Apache Roller. It is being tracked as CVE-2025-24859 and has been assigned the maximum CVSS score of 10.0. Review the details in this Cybersecurity Threat Advisory to mitigate your risks. What...
Cybersecurity Threat Advisory: Apache RCE vulnerability
A critical remote code execution (RCE) vulnerability in Apache Parquet, identified as CVE-2025-30065, with a CVSS score of 10.0, has been discovered. Continue reading this Cybersecurity Threat Advisory to learn how to effectively mitigate your risks. What is the threat?...
