
Cybersecurity Threat Advisory: Fake password managers
LastPass has issued a warning about a widespread cyber campaign targeting macOS users. Malicious software is being disguised as legitimate applications and distributed through fake GitHub repositories. Read this Cybersecurity Threat Advisory to stay informed and protect your data. What...

Cybersecurity Threat Advisory: SonicWall VPN attacked
There has been a rise in ransomware attacks targeting SonicWall. Many incidents trace back to migrations from Gen 6 to Gen 7 firewalls, where local user passwords were carried over without being reset. Review this Cybersecurity Threat Advisory to ensure...

Cybersecurity Threat Advisory: Microsoft Exchange high-severity vulnerability
CVE-2025-53786 is a high-severity vulnerability affecting Microsoft Exchange servers, allowing attackers to move laterally within Microsoft cloud environments and potentially compromise entire domains. Currently, approximately 29,000 Exchange servers remain unpatched, leaving organizations exposed to significant risk. Review the information in...

Cybersecurity Threat Advisory: CrushFTP zero-day vulnerability
CrushFTP has disclosed a new critical vulnerability, CVE-2025-54309, which is currently being exploited in the wild. One indicator of compromise is a “last_logins” value set for internal default accounts. Review the details in this Cybersecurity Threat Advisory to help minimize...

Cybersecurity Threat Advisory: New OpenSSH vulnerabilities
Two OpenSSH vulnerabilities, CVE-2025-26465 and CVE-2025-26466, affect multiple versions of OpenSSH. These vulnerabilities can be exploited for man-in-the-middle (MitM) attacks or to cause a denial-of-service (DoS) attack. Review this Cybersecurity Threat Advisory to mitigate your risk. What is the threat? OpenSSH...

Cybersecurity Threat Advisory: SonicWall SMA1000 vulnerability
A pre-authentication deserialization vulnerability has been discovered in SonicWall SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC) and is already being used in zero-day attacks. Review the details within this Cybersecurity Threat Advisory to protect your organization. What...

Cybersecurity Threat Advisory: Aviatrix Controller vulnerability
A critical security vulnerability in the Aviatrix Controller cloud networking platform has been discovered and is being actively exploited by threat actors to deploy backdoors and cryptocurrency miners. Multiple cloud deployments have reported that they have been compromised following this disclosure....

Cybersecurity Threat Advisory: CoinLurker malware exploit
Threat actors have begun using bogus software updates to deliver a new stealer malware known as “CoinLurker.” This malware uses cutting-edge obfuscation and anti-analysis techniques, making it frighteningly effective for threat actors. Continue reading this Cybersecurity Threat Advisory to learn...

Cybersecurity Threat Advisory: 7-Zip vulnerability
A security vulnerability in 7-Zip allows remote attackers to bypass defenses and execute malicious code via specially crafted archives. Read this Cybersecurity Threat Advisory to learn how to mitigate your risk from this new threat. What is the threat? The...

Cybersecurity Threat Advisory: New ransomware variant to watch for
A new ransomware family, Ymir, has been discovered. It uses an unconventional combination of memory management functions (like malloc, memmove, and memcmp) to execute malicious code directly in memory. Continue reading this Cybersecurity Threat Advisory to learn how to...