Cybersecurity Threat Advisory: Critical Fortinet vulnerability exploited by Qilin ransomware
The Qilin ransomware group is exploiting two critical Fortinet vulnerabilities that allow attackers to bypass authentication and execute remote code on vulnerable systems. Read this Cybersecurity Threat Advisory to discover the tactics used and the best practices you can implement...
Cybersecurity Threat Advisory: Google Chrome zero-day vulnerability
Google has issued a security update for Chrome desktop to address CVE-2025-5419, which has a CVSS score of 8.8. It is a critical zero-day flaw in the V8 JavaScript engine that is actively exploited by attackers. Continue to read this...
Cybersecurity Threat Advisory: Cisco critical vulnerability
Cisco has released software patches to fix a critical security flaw, CVE-2025-20188, affecting its IOS XE Wireless Controller software. With a maximum CVSS score of 10.0, the vulnerability could enable unauthenticated remote attackers to gain full root access to impacted...
Cybersecurity Threat Advisory: Critical CrushFTP vulnerability
A critical CrushFTP, CVE-2025-2825, with a CVSS score of 9.8, flaw has been discovered. It enables attackers to bypass authentication on CrushFTP servers, posing a high-severity risk to corporate environments. Continue reading this Cybersecurity Threat Advisory for details on how...
Cybersecurity Threat Advisory: Apache Tomcat vulnerability
A severe remote code execution (RCE) vulnerability in Apache Tomcat, identified as CVE-2025-24813, is actively exploited in the wild, allowing attackers to gain server control using a simple PUT request. Review the details in this Cybersecurity Threat Advisory to learn...
Cybersecurity Threat Advisory: Critical vulnerability in PostgreSQL
Security experts identified a critical PostgreSQL vulnerability, CVE-2025-1094, with a CVSS of 8.1. The vulnerability poses a significant risk to database integrity in enterprise and production environments. Review this Cybersecurity Threat Advisory to learn how to mitigate your risks. What...
Cybersecurity Threat Advisory: Xerox printer vulnerabilities
Two vulnerabilities, CVE-2024-12510 and CVE-2024-12511, have been found in the Xerox VersaLink C7025 Multifunction Printer. Upon successful exploitation, bad actors can capture authentication credentials through pass-back attacks via lightweight directory access protocol (LDAP), server message block (SMB), and file transfer...
Cybersecurity Threat Advisory: Critical Azure vulnerabilities
Microsoft revealed two critical vulnerabilities in Microsoft Azure AI Face Service, a cloud-based facial recognition tool. They enable attackers to bypass authentication. Review the details within this Cybersecurity Threat Advisory to discover the key steps to safeguard your environment. What...
Cybersecurity Threat Advisory: Ransomware attacks on ESXi systems
New ransomware attacks were discovered targeting ESXi systems that use stealthy SSH tunnels to direct traffic to command-and-control (C2) infrastructure, enabling attackers to remain undetected. Continue reading this Cybersecurity Threat Advisory to discover the key steps to safeguard your environment....
Cybersecurity Threat Advisory: Microsoft Windows zero-click RCE vulnerability
A critical Microsoft Windows Lightweight Directory Access Protocol (LDAP) vulnerability has been discovered, identified as CVE-2024-49112. The flaw has a CVSS severity score of 9.8, representing a major threat to enterprise networks. Continue reading this Cybersecurity Threat Advisory to learn...
