Cybersecurity Threat Advisory: Critical vulnerability in IBM API Connect
A newly disclosed security vulnerability, CVE-2025-13915, affects IBM API Connect. This flaw could allow a remote attacker to bypass authentication and gain unauthorized access to applications. Review this Cybersecurity Threat Advisory for steps to mitigate your risk. What is the...
Cybersecurity Threat Advisory: Critical React2Shell vulnerability
There are two critical unauthenticated remote code execution vulnerabilities in the React Server Components (RSC) “Flight” protocol. Continue reading this Cybersecurity Threat Advisory to learn how to protect you and your clients’ environments. What is the threat? These critical vulnerabilities...
Cybersecurity Threat Advisory: Critical Grafana SCIM vulnerability
A critical security vulnerability in Grafana Enterprise could allow attackers to escalate privileges and impersonate users. Tracked as CVE-2025-41115, the flaw carries the maximum CVSS score of 10.0. Continue reading this Cybersecurity Threat Advisory to learn how to protect you...
Cybersecurity Threat Advisory: Severe N-able vulnerabilities
Two critical vulnerabilities were disclosed by N-able in the N-central RMM platform, with one having a maximum severity rating. To help safeguard you and your customers’ environments, please review the best practices outlined in this Cybersecurity Threat Advisory. What is...
Cybersecurity Threat Advisory: Critical WatchGuard firewall vulnerability
A critical vulnerability, CVE-2025-9242, has been identified in WatchGuard Firebox Network Security Appliances. This flaw exposes affected devices to the public internet and allows unauthenticated remote code execution. Review the details in this Cybersecurity Threat Advisory to understand the potential...
Cybersecurity Threat Advisory: ChaosBot malware exploits Discord
A recently discovered Rust-based malware called ChaosBot is being used compromise computers via Discord channels. Review the details within this Cybersecurity Threat Advisory to learn more and see how to protect your system. What is the threat? ChaosBot is a...
Cybersecurity Threat Advisory: Critical Adobe Commerce flaw
A critical security vulnerability, tracked as CVE-2025-54236 (with a CVSS score of 9.1) is also known as “SessionReaper”. This vulnerability has been uncovered in Adobe Commerce and Magento Open Source. The flaw could allow cybercriminals to takeover customer accounts, putting...
Cybersecurity Threat Advisory: Passwordstate emergency patch released
Click Studios has released an emergency update for Passwordstate 9.9 to address a high-severity security vulnerability. According to the changelog, the flaw could be exploited to bypass authentication. Review the details in this Cybersecurity Threat Advisory to reduce your risk...
Cybersecurity Threat Advisory: Citrix patches NetScaler flaws
Citrix has issued patches for three zero-day vulnerabilities affecting NetScaler ADC and Gateway, including one that attackers have already begun exploiting. Review the details in this Cybersecurity Threat Advisory to reduce your risk from these threats. What is the threat?...
Cybersecurity Threat Advisory: Global Microsoft Exchange attack
A recent cyber campaign has compromised over 70 Microsoft Exchange servers across 26 countries by injecting JavaScript-based keyloggers into Outlook Web Access (OWA) login pages. Review the details of this Cybersecurity Threat Advisory to safeguard against these vulnerabilities. What is...
