Darshit Kothari

All posts by Darshit Kothari

Darshit is a Cybersecurity Analyst at Barracuda. He's a security expert. Darshit supports our XDR service delivery and is highly skilled at analyzing security events to detect cyber threats, helping keep our partners and their customers protected.

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Malicious VS Code extension impersonating Clawdbot

Security researchers discovered a malicious Visual Studio Code (VS Code) extension named “ClawdBot Agent” impersonating the trending AI assistant Clawdbot. Although it offers functional AI coding features, the extension secretly deploys a weaponized remote access tool on Windows systems immediately...

/ January 30, 2026
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Malicious browser extension in ClickFix variant

Security researchers have uncovered an active malvertising campaign abusing a fake ad‑blocking extension that intentionally crashes Google Chrome and Microsoft Edge to trick users into executing malicious commands—a new evolution of the ClickFix technique known as “CrashFix.” Read the Cybersecurity...

/ January 21, 2026
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Path traversal RCE in Gogs

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) confirmed active exploitation of a critical vulnerability in the self-hosted Git service Gogs, adding it to the Known Exploited Vulnerabilities (KEV) catalog. Federal Civilian Executive Branch agencies must apply mitigations or discontinue...

/ January 15, 2026
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: New SantaStealer malware

A new malware-as-a-service (MaaS) info-stealer, SantaStealer, is actively promoted on Telegram and underground forums, with operators reportedly beginning its release ahead of year-end 2025. Read this Cybersecurity Threat Advisory to learn how to reduce your risk from this emerging threat....

/ December 24, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: SonicWall SMA arbitrary file upload vulnerability

Attackers are actively exploiting CVE-2025-40599, a critical vulnerability in SonicWall’s Secure Mobile Access (SMA) devices, to upload arbitrary files and gain unauthorized access. This flaw enables them to execute malicious code and compromise affected systems. The Akira ransomware group is...

/ August 8, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Vulnerabilities in Linux distributions

Two critical local privilege escalation (LPE) vulnerabilities were disclosed, identified as CVE-2025-6018 and CVE-2025-6019. These vulnerabilities affect all versions of SUSE 15 and libblockdev, two major Linux distributions, allowing unprivileged users to escalate their privileges to root and posing significant...

/ June 24, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Fortinet authentication bypass vulnerability

A critical vulnerability was identified in Fortinet’s FortiProxy, FortiSwitchManager, and FortiOS products. This vulnerability, CVE-2025-22252, enables an attacker who possesses knowledge of an existing administrative account to bypass authentication and gain unauthorized access to the device as a valid administrator....

/ June 4, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Ivanti EPMM vulnerability

Ivanti has released updates for Endpoint Manager Mobile (EPMM) that address one medium and one high-severity vulnerability. When chained together, these vulnerabilities can enable unauthenticated remote code execution (RCE). Review the details in this Cybersecurity Threat Advisory for information on...

/ May 21, 2025