Cybersecurity Threat Advisory: FortiBleed credential exposure campaign
Recent reporting has detailed an active credential exposure campaign dubbed “FortiBleed” that targets internet-facing FortiGate firewall devices. The activity involves a custom tool, often referred to as FortiGateSniffer, that enables attackers to harvest sensitive information. This includes VPN credentials and...
Cybersecurity Threat Advisory: Check Point VPN authentication bypass vulnerability exploited
CISA has issued an emergency directive requiring U.S. federal agencies to secure Check Point Remote Access VPN, Mobile Access, and Spark firewall deployments following active exploitation of a critical zero-day vulnerability (CVE-2026-50751). Continue reading this Cybersecurity Threat Advisory to learn...
Cybersecurity Threat Advisory: “Copy Fail” Linux vulnerability
Security researchers have disclosed CVE-2026-31431, commonly known as “Copy Fail,” a high-impact Linux local privilege escalation vulnerability affecting multiple distributions, including enterprise and cloud-optimized variants. Read this Cybersecurity Threat Advisory now to mitigate your and your clients’ risk. What is...
Cybersecurity Threat Advisory: Adobe Acrobat Reader zero-day
Reports confirm active exploitation of a previously unknown zero‑day vulnerability in Adobe Acrobat Reader since at least December 2025. Attackers are delivering malicious PDF files via phishing and other social engineering methods to achieve remote code execution when the file...
Cybersecurity Threat Advisory: RoadK1ll Node.js WebSocket implant
Recent reporting has identified a Node.js–based post-exploitation implant known as RoadK1ll, observed in real-world intrusions as a lateral movement and network pivoting tool. Read this Cybersecurity Threat Advisory to protect your and your clients’ environments. What is the threat? RoadK1ll...
Cybersecurity Threat Advisory: Malware campaign targeting HR workflows
A new malware campaign known as BlackSanta is actively targeting HR and recruitment personnel through realistic job‑related lures and weaponized documents. Once victims open malicious files, the malware deploys a highly capable EDR‑killer designed to disable endpoint protection before delivering...
Cybersecurity Threat Advisory: Dell RecoverPoint for Virtual Machines zero-day
Security researchers from Google Mandiant and the Google Threat Intelligence Group (GTIG) have identified active exploitation of a maximum‑severity zero‑day vulnerability in Dell RecoverPoint for Virtual Machines (RP4VM) by a suspected China‑nexus threat cluster tracked as UNC6201. Read this Cybersecurity...
Cybersecurity Threat Advisory: Critical SolarWinds Web Help Desk flaws
SolarWinds has released security updates addressing multiple vulnerabilities in its Web Help Desk (WHD) product, including four critical flaws—CVE‑2025‑40551, CVE‑2025‑40552, CVE‑2025‑40553, and CVE‑2025‑40554—that enable authentication bypass and remote code execution (RCE). These issues allow attackers to gain unauthorized access and...
Cybersecurity Threat Advisory: FortiWeb vulnerabilities in unsupported versions
Security researchers and CISA have warned that Fortinet FortiWeb appliances running unsupported versions are actively being exploited. Fortinet has issued patches for supported versions, but many organizations still run outdated FortiWeb devices, leaving them exposed. Read the Cybersecurity Threat Advisory...
Cybersecurity Threat Advisory: Critical vulnerability in Motex Lanscope
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2025-61932, a critical vulnerability in Motex Lanscope Endpoint Manager, to its Known Exploited Vulnerabilities (KEV) catalog after confirming active exploitation in the wild. The flaw, rated CVSS 9.8, allows unauthenticated remote...
