Category: Featured
Cybersecurity Threat Advisory: Critical Ingress vulnerabilities
Researchers identified several critical vulnerabilities in the Ingress NGINX Controller for Kubernetes, including CVE-2025-24513, CVE-2025-24514, CVE-2025-1097, CVE-2025-1098, and CVE-2025-1974. These flaws enables threat actors to execute unauthenticated remote code. Review the details of this Cybersecurity Threat Advisory to keep your...
Cybersecurity Threat Advisory: RCE vulnerability in Veeam Backup & Replication
A vulnerability, tracked as CVE-2025-23120, with a CVSS score of 9.9, has been discovered in Veeam Backup & Replication. This vulnerability can allow attackers to exploit the system and execute remote code on the Veeam Backup Server. Continue reading this...
Cybersecurity Threat Advisory: Critical Next.js vulnerability
A critical security flaw, CVE-2025-29927, with a CVSS score of 9.1, has been found affecting the Next.js React framework. This vulnerability lets attackers bypass middleware authorization checks and access parts of a web application that should remain restricted. To protect...
Cybersecurity Threat Advisory: BYOVD attacks leveraged by Medusa ransomware
The Medusa ransomware-as-a-service (RaaS) operation has recently been observed using a malicious driver named ABYSSWORKER in Bring Your Own Vulnerable Driver (BYOVD) attacks. This technique allows threat actors to disable security software by exploiting legitimate, vulnerable drivers to gain kernel-level...
Threat Spotlight: A million PhaaS attacks in two months
The first few months of 2025 saw a massive spike in phishing-as-a-service (PhaaS) attacks targeting organizations around the world, with more than a million attacks detected by Barracuda systems in January and February. The attacks were powered by several leading...
Tech Time Warp: The 10-day takeover of a botnet
In 2009, researchers from the University of California, Santa Barbara, outsmarted the cybercriminals behind the notorious Torpig botnet. They uncovered critical knowledge about how this type of malware works. Learn how in this edition of Tech Time Warp. Researchers first...
MSP opportunity: Tackling the chronic waste of cloud resources
Two reports reveal that most organizations have made little progress in optimizing their cloud infrastructure resource consumption. This gap presents a unique opportunity for managed service providers (MSPs) to address the growing demand for expertise in this area. Insights into...
Cybersecurity Threat Advisory: New RAT malware
Microsoft has issued a warning about a new, sophisticated remote access trojan (RAT) called StilachiRAT. Threat actors are actively using StilachiRAT to evade detection to establish persistent access to compromised systems. Continue reading this Cybersecurity Threat Advisory to protect your...
Cybersecurity Threat Advisory: Critical AMI BMC vulnerability
AMI has disclosed a critical vulnerability, CVE-2024-54085, with a CVSS score of 10.0. This vulnerability allows attackers to gain remote access and execute malicious commands. Continue reading this Cybersecurity Threat Advisory to learn how to mitigate your risk. What is...
Cybersecurity Threat Advisory: Apache Tomcat vulnerability
A severe remote code execution (RCE) vulnerability in Apache Tomcat, identified as CVE-2025-24813, is actively exploited in the wild, allowing attackers to gain server control using a simple PUT request. Review the details in this Cybersecurity Threat Advisory to learn...
