Asaad Shaikh

All posts by Asaad Shaikh

Asaad is a Cybersecurity Analyst at Barracuda. He supports our XDR service delivery and is highly skilled at analyzing security events to detect cyber threats, helping keep our partners and their customers protected.

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical Linux sudo vulnerability

Cybersecurity Threat Advisory: Critical Linux sudo vulnerability

Security researchers have uncovered a serious vulnerability in sudo, the tool that runs commands with elevated privileges on Linux systems. It is tracked as CVE-2025-32463 and carries a CVSS score of 9.3. This flaw poses a serious risk to Linux...

/ October 2, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Severe GoAnywhere MFT vulnerability

Cybersecurity Threat Advisory: Severe GoAnywhere MFT vulnerability

Fortra disclosed a critical vulnerability in GoAnywhere Managed File Transfer (MFT), tracked as CVE-2025-10035, with a CVSS score of 10.0. The flaw allows attackers to execute remote code without authentication. Review this Cybersecurity Threat Advisory to keep your systems safe....

/ September 24, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical FreePBX zero-day vulnerability

Cybersecurity Threat Advisory: Critical FreePBX zero-day vulnerability

Researchers have discovered a zero-day vulnerability in Sangoma FreePBX, identified as CVE-2025-57819. This flaw allows unauthenticated remote attackers to take control of affected PBX systems, potentially resulting in remote code execution (RCE), arbitrary database manipulation, and full system compromise. Review...

/ September 3, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical SAP NetWeaver vulnerabilities

Cybersecurity Threat Advisory: Critical SAP NetWeaver vulnerabilities

Researchers have uncovered a chained vulnerability in SAP NetWeaver Visual Composer involving authentication bypass and insecure deserialization. These critical flaws—tracked as CVE-2025-31324 and CVE-2025-42999—are currently being exploited in an active threat campaign targeting exposed Visual Composer servers. Review the details...

/ August 20, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical NetScaler Gateway vulnerability

Cybersecurity Threat Advisory: Critical NetScaler Gateway vulnerability

A threat campaign is actively exploiting a critical vulnerability, CVE-2025-6543, in Citrix NetScaler ADC and Gateway appliances configured as a Gateway or AAA virtual server. Review this Cybersecurity Threat Advisory for detailed guidance and recommended actions to mitigate your risk....

/ August 14, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: ViciousTrap exploiting Cisco vulnerability

Cybersecurity Threat Advisory: ViciousTrap exploiting Cisco vulnerability

Researchers have identified a new threat actor, “ViciousTrap”, actively exploiting a well-known vulnerability (CVE-2023-20118) to compromise over 5,300 Cisco Edge devices. The attackers are exploiting this flaw to establish a global honeypot network, posing a significant risk to the affected...

/ May 28, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Apple AirPlay zero-day vulnerability

Cybersecurity Threat Advisory: Apple AirPlay zero-day vulnerability

Researchers have discovered a critical vulnerability in Apple’s AirPlay protocol. It affects both Apple devices that support AirPlay as well as third-party devices that interface with it. The flaw can enable an attacker to fully takeover a device without the...

/ May 4, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: ScreenConnect vulnerability

Cybersecurity Threat Advisory: ScreenConnect vulnerability

Researchers have discovered a vulnerability in the ScreenConnect remote support software that upon a successful exploitation, can allow for remote execution on a targeted server. Continue reading this Cybersecurity Threat Advisory to learn how to keep your environment safe. What...

/ April 28, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical RCE flaw in Apache Roller blog server

Cybersecurity Threat Advisory: Critical RCE flaw in Apache Roller blog server

Researchers have discovered a critical session management vulnerability within Apache Roller. It is being tracked as CVE-2025-24859 and has been assigned the maximum CVSS score of 10.0. Review the details in this Cybersecurity Threat Advisory to mitigate your risks. What...

/ April 17, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Apache RCE vulnerability

Cybersecurity Threat Advisory: Apache RCE vulnerability

A critical remote code execution (RCE) vulnerability in Apache Parquet, identified as CVE-2025-30065, with a CVSS score of 10.0, has been discovered. Continue reading this Cybersecurity Threat Advisory to learn how to effectively mitigate your risks. What is the threat?...

/ April 9, 2025