Cybersecurity Threat Advisory: Apache Tika vulnerability
A maximum-severity Extensible Markup Language (XML) External Entity (XXE) injection vulnerability has been disclosed in Apache Tika, tracked as CVE-2025-66516 with a CVSS score of 10.0. Review this Cybersecurity Threat Advisory now to mitigate your risk and potential impact. What...
Cybersecurity Threat Advisory: 7-Zip symbolic link vulnerability
Attackers are actively exploiting a high-severity 7-Zip vulnerability, CVE-2025-11001. Attackers use malicious archives to abuse symbolic links, forcing writes outside the intended extraction directory and enabling remote code execution (RCE) when users interact. Review this Cybersecurity Threat Advisory for remediation...
Cybersecurity Threat Advisory: SonicWall VPNs targeted by Akira ransomware
Akira ransomware operators have launched an aggressive campaign targeting SonicWall VPN appliances. Attackers have already breached accounts protected by multi-factor authentication (MFA) successfully, leveraging vulnerabilities in SonicWall Secure Mobile Access (SMA) and SSL-VPN portals. The campaign is characterized by rapid...
Cybersecurity Threat Advisory: Severe WebDAV vulnerability
Microsoft has disclosed a serious zero-day vulnerability in the Web Distributed Authoring and Versioning (WebDAV) protocol, identified as CVE-2025-33053, with a CVSS score of 8.8. Actively exploited by the Stealth Falcon APT group, this vulnerability enables remote code execution (RCE)...
