Category: Security

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: RediShell allows RCE in Redis

Cybersecurity Threat Advisory: RediShell allows RCE in Redis

Redis has disclosed CVE-2025-49844, a critical remote code execution vulnerability known as RediShell, with a CVSS score of 10.0. The flaw has existed for over 13 years and could allow attackers to run arbitrary commands on vulnerable systems. Thousands of...

/ October 8, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical Oracle EBS flaw

Cybersecurity Threat Advisory: Critical Oracle EBS flaw

Oracle released an emergency update for its E-Business Suite to address the critical vulnerability CVE-2025-61882 ( with a CVSS of 9.8) because it was actively being exploited by threat actors, particularly the Cl0p ransomware group, in a recent wave of...

/ October 8, 2025
cybersecurity
Government shut-down heightens cybersecurity risks

Government shut-down heightens cybersecurity risks

As the U.S. government enters its first full week with operations ground to a halt, experts fear that there will be cybersecurity ramifications. The numbers paint a grim picture: According to Department of Homeland Security planning documents, approximately 65 percent...

/ October 7, 2025
Cybersecurity Awareness Month: Simple steps for cyber safety in 2025

Cybersecurity Awareness Month: Simple steps for cyber safety in 2025

October 1 marked the beginning of Cybersecurity Awareness Month (CAM), an annual initiative dedicated to raising awareness about cybersecurity and promoting safe online practices. Each October, governments, public sector agencies and private sector partners join forces, organizing events and media...

/ October 6, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical Linux sudo vulnerability

Cybersecurity Threat Advisory: Critical Linux sudo vulnerability

Security researchers have uncovered a serious vulnerability in sudo, the tool that runs commands with elevated privileges on Linux systems. It is tracked as CVE-2025-32463 and carries a CVSS score of 9.3. This flaw poses a serious risk to Linux...

/ October 2, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: VMware zero-day vulnerability exploited

Cybersecurity Threat Advisory: VMware zero-day vulnerability exploited

Threat actors have actively exploited a zero-day vulnerability in Broadcom VMware Tools and VMware Aria Operations (CVE-2025-41244) in the wild. The China-linked group UNC5174 (aka Uteus/Uetus) has exploited the flaw for privilege escalation in VMware-targeted attacks. Continue reading this edition...

/ October 1, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Cisco IOS and IOS XE SNMP vulnerability

Cybersecurity Threat Advisory: Cisco IOS and IOS XE SNMP vulnerability

Several vulnerability advisories were issued that impact devices using Cisco IOS and Cisco IOS XE firmware. Most notably, CVE-2025-20352 has already been observed in active exploitation. Continue reading this Cybersecurity Threat Advisory to mitigate your risks from this vulnerability. What...

/ October 1, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: SonicWall VPNs targeted by Akira ransomware

Cybersecurity Threat Advisory: SonicWall VPNs targeted by Akira ransomware

Akira ransomware operators have launched an aggressive campaign targeting SonicWall VPN appliances. Attackers have already breached accounts protected by multi-factor authentication (MFA) successfully, leveraging vulnerabilities in SonicWall Secure Mobile Access (SMA) and SSL-VPN portals. The campaign is characterized by rapid...

/ September 30, 2025
MSPs
MSPs are redefining supply chain defense

MSPs are redefining supply chain defense

As a journalist covering the cybersecurity business landscape, I’ve closely followed the growing impact of supply chain attacks throughout 2025. These incidents continue to escalate in frequency and complexity, affecting organizations of all sizes across industries. This two-part series brings...

/ September 30, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Cisco ASA zero-day vulnerability

Cybersecurity Threat Advisory: Cisco ASA zero-day vulnerability

Threat actors are actively exploiting two critical zero-day vulnerabilities in Cisco Secure Firewall ASA and FTD software. CVE-2025-20333 (CVSS 9.9) and CVE-2025-20362 (CVSS 6.5) allow attackers to chain exploits that bypass authentication and execute malicious code. In response, the U.S....

/ September 26, 2025