Cybersecurity Threat Advisory: n8n vulnerability
The n8n workflow automation platform vulnerability, tracked as CVE‑2025‑68613, enables authenticated attackers to execute arbitrary code via expression injection in workflow definitions. Review this Cybersecurity Threat Advisory for actionable steps to mitigate your risk from this flaw. What is the...
Cybersecurity Threat Advisory: SonicWall SMA 100 appliance vulnerability
A SonicWall SMA 100 vulnerability, tracked as CVE‑2025‑40602, is actively being exploited in the wild. SonicWall has issued patches, and CISA added the flaw to its KEV catalog, requiring federal agencies to patch by Dec. 24, 2025. Read this Cybersecurity...
Cybersecurity Threat Advisory: Critical Microsoft Outlook vulnerability
A newly disclosed Microsoft Outlook vulnerability, tracked as CVE-2025-62562, could allow for remote code execution (RCE). Read this Cybersecurity Threat Advisory to mitigate you and your clients’ risk now. What is the threat? This use-after-free vulnerability introduces a use-after-free flaw...
Cybersecurity Threat Advisory: MySonicWall Cloud Backup breach
SonicWall has confirmed a security breach affecting firewall configuration backups for all customers using the MySonicWall Cloud Backup service. Review the details within this Cybersecurity Threat Advisory to learn more and see how to protect your data. What is the...
Cybersecurity Threat Advisory: Critical Linux sudo vulnerability
Security researchers have uncovered a serious vulnerability in sudo, the tool that runs commands with elevated privileges on Linux systems. It is tracked as CVE-2025-32463 and carries a CVSS score of 9.3. This flaw poses a serious risk to Linux...
Cybersecurity Threat Advisory: Severe GoAnywhere MFT vulnerability
Fortra disclosed a critical vulnerability in GoAnywhere Managed File Transfer (MFT), tracked as CVE-2025-10035, with a CVSS score of 10.0. The flaw allows attackers to execute remote code without authentication. Review this Cybersecurity Threat Advisory to keep your systems safe....
Cybersecurity Threat Advisory: Critical FreePBX zero-day vulnerability
Researchers have discovered a zero-day vulnerability in Sangoma FreePBX, identified as CVE-2025-57819. This flaw allows unauthenticated remote attackers to take control of affected PBX systems, potentially resulting in remote code execution (RCE), arbitrary database manipulation, and full system compromise. Review...
Cybersecurity Threat Advisory: Critical SAP NetWeaver vulnerabilities
Researchers have uncovered a chained vulnerability in SAP NetWeaver Visual Composer involving authentication bypass and insecure deserialization. These critical flaws—tracked as CVE-2025-31324 and CVE-2025-42999—are currently being exploited in an active threat campaign targeting exposed Visual Composer servers. Review the details...
Cybersecurity Threat Advisory: Critical NetScaler Gateway vulnerability
A threat campaign is actively exploiting a critical vulnerability, CVE-2025-6543, in Citrix NetScaler ADC and Gateway appliances configured as a Gateway or AAA virtual server. Review this Cybersecurity Threat Advisory for detailed guidance and recommended actions to mitigate your risk....
Cybersecurity Threat Advisory: ViciousTrap exploiting Cisco vulnerability
Researchers have identified a new threat actor, “ViciousTrap”, actively exploiting a well-known vulnerability (CVE-2023-20118) to compromise over 5,300 Cisco Edge devices. The attackers are exploiting this flaw to establish a global honeypot network, posing a significant risk to the affected...
