Cybersecurity Threat Advisory: Storm-1175 exploits zero-days to deploy Medusa ransomware
Storm-1175 is a threat actor using a rapid sequence of zero-day and N-day exploits to deploy Medusa ransomware against internet-facing assets. This high-velocity attack pattern has been highlighted by security researchers, who emphasize the heightened risk posed by exposed perimeter...
Cybersecurity Threat Advisory: PureLog Stealer malware campaign
A new malware campaign is using deceptive copyright infringement notices to distribute PureLog Stealer, targeting organizations across multiple sectors and countries. The malware operates primarily in memory and employs evasion techniques such as DLL sideloading to bypass traditional security controls....
Cybersecurity Threat Advisory: Critical RCE Flaw in BeyondTrust
A critical pre-authentication remote code execution (RCE) vulnerability has been identified in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA). If left unpatched, it may result in full system compromise, data loss, or service disruption. Review this Cybersecurity Threat...
Cybersecurity Threat Advisory: Zero-day Cisco vulnerability
CVE‑2026‑20045 is a critical zero‑day vulnerability impacting multiple Cisco Unified Communications products and Webex Calling Dedicated Instances. Successful exploitation allows an unauthenticated attacker to achieve remote code execution. Continue reviewing this Cybersecurity Threat Advisory to learn how to mitigate your...
Cybersecurity Threat Advisory: Critical n8n vulnerability
A severe vulnerability, tracked as CVE-2025-68668 with a CVSS score of 9.9, was recently discovered in n8n, an open-source workflow automation platform. The flaw enables authenticated users with create or modify workflows permissions to execute arbitrary system commands on the...
Cybersecurity Threat Advisory: Critical ArrayOS VPN flaw
Attackers are exploiting a command injection vulnerability in ArrayOS AG VPN devices to plant PHP webshells and create rogue users. CISA has added this vulnerability to the Known Exploited Vulnerabilities (KEV) catalog. Review this Cybersecurity Threat Advisory to discover recommended...
Cybersecurity Threat Advisory: Fluent Bit vulnerabilities
Five vulnerabilities have been identified in Fluent Bit. Upon a successful exploitation, attackers could bypass authentication, perform path traversal, execute remote code, or cause denial of service. Review this Cybersecurity Threat Advisory now to secure you or your clients’ infrastructure....
Cybersecurity Threat Advisory: Critical Windows Kernel zero-day vulnerability
CVE-2025-62215 is a Windows Kernel flaw that lets attackers escalate to SYSTEM privileges, persist, access data, and move laterally. Attackers are actively exploiting this zero-day in the wild. Review this Cybersecurity Threat Advisory for best practices and recommendations to mitigate...
Cybersecurity Threat Advisory: RCE vulnerability in SolarWinds WHD
A critical remote code execution (RCE) vulnerability, CVE-2025-26399, has been identified in SolarWinds Web Help Desk (WHD) and remains exploitable despite previous fixes. The flaw allows unauthenticated attackers to execute arbitrary code on vulnerable servers, leading to a full system...
Cybersecurity Threat Advisory: WinRAR zero-day exploited
A critical path traversal zero-day vulnerability — tracked as CVE‑2025‑8088 — has been identified in WinRAR and related components (Windows RAR, UnRAR.dll, and the portable UnRAR source code), and is currently being actively exploited. Review the details in this Cybersecurity...
