Cybersecurity Threat Advisory: Critical RCE Flaw in BeyondTrust
A critical pre-authentication remote code execution (RCE) vulnerability has been identified in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA). If left unpatched, it may result in full system compromise, data loss, or service disruption. Review this Cybersecurity Threat...
Cybersecurity Threat Advisory: Zero-day Cisco vulnerability
CVE‑2026‑20045 is a critical zero‑day vulnerability impacting multiple Cisco Unified Communications products and Webex Calling Dedicated Instances. Successful exploitation allows an unauthenticated attacker to achieve remote code execution. Continue reviewing this Cybersecurity Threat Advisory to learn how to mitigate your...
Cybersecurity Threat Advisory: Critical n8n vulnerability
A severe vulnerability, tracked as CVE-2025-68668 with a CVSS score of 9.9, was recently discovered in n8n, an open-source workflow automation platform. The flaw enables authenticated users with create or modify workflows permissions to execute arbitrary system commands on the...
Cybersecurity Threat Advisory: Critical ArrayOS VPN flaw
Attackers are exploiting a command injection vulnerability in ArrayOS AG VPN devices to plant PHP webshells and create rogue users. CISA has added this vulnerability to the Known Exploited Vulnerabilities (KEV) catalog. Review this Cybersecurity Threat Advisory to discover recommended...
Cybersecurity Threat Advisory: Fluent Bit vulnerabilities
Five vulnerabilities have been identified in Fluent Bit. Upon a successful exploitation, attackers could bypass authentication, perform path traversal, execute remote code, or cause denial of service. Review this Cybersecurity Threat Advisory now to secure you or your clients’ infrastructure....
Cybersecurity Threat Advisory: Critical Windows Kernel zero-day vulnerability
CVE-2025-62215 is a Windows Kernel flaw that lets attackers escalate to SYSTEM privileges, persist, access data, and move laterally. Attackers are actively exploiting this zero-day in the wild. Review this Cybersecurity Threat Advisory for best practices and recommendations to mitigate...
Cybersecurity Threat Advisory: RCE vulnerability in SolarWinds WHD
A critical remote code execution (RCE) vulnerability, CVE-2025-26399, has been identified in SolarWinds Web Help Desk (WHD) and remains exploitable despite previous fixes. The flaw allows unauthenticated attackers to execute arbitrary code on vulnerable servers, leading to a full system...
Cybersecurity Threat Advisory: WinRAR zero-day exploited
A critical path traversal zero-day vulnerability — tracked as CVE‑2025‑8088 — has been identified in WinRAR and related components (Windows RAR, UnRAR.dll, and the portable UnRAR source code), and is currently being actively exploited. Review the details in this Cybersecurity...
Cybersecurity Threat Advisory: Microsoft SharePoint zero-day vulnerability
Attackers are actively exploiting CVE-2025-53770, a critical zero-day vulnerability in Microsoft SharePoint, to execute remote code without authentication. This flaw allows attackers to deploy persistent malware and potentially exfiltrate sensitive data from unpatched on-premises environments. Review the full details in...
Cybersecurity Threat Advisory: Zero-day Chrome vulnerability
Google has patched a high-severity zero-day vulnerability, tracked as CVE-2025-6554 with a CVSS score of 8.1, in Chrome’s V8 engine that allows attackers to execute arbitrary code via a crafted HTML page. Review the details of this Cybersecurity Threat Advisory...
