Tag: critical vulnerability

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical Microsoft Outlook vulnerability
FeaturedSecurity

Cybersecurity Threat Advisory: Critical Microsoft Outlook vulnerability

A newly disclosed Microsoft Outlook vulnerability, tracked as CVE-2025-62562, could allow for remote code execution (RCE). Read this Cybersecurity Threat Advisory to mitigate you and your clients’ risk now. What is the threat? This use-after-free vulnerability introduces a use-after-free flaw...

/ December 11, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical Grafana SCIM vulnerability
FeaturedSecurity

Cybersecurity Threat Advisory: Critical Grafana SCIM vulnerability

A critical security vulnerability in Grafana Enterprise could allow attackers to escalate privileges and impersonate users. Tracked as CVE-2025-41115, the flaw carries the maximum CVSS score of 10.0. Continue reading this Cybersecurity Threat Advisory to learn how to protect you...

/ November 25, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical Linux sudo vulnerability
FeaturedSecurity

Cybersecurity Threat Advisory: Critical Linux sudo vulnerability

Security researchers have uncovered a serious vulnerability in sudo, the tool that runs commands with elevated privileges on Linux systems. It is tracked as CVE-2025-32463 and carries a CVSS score of 9.3. This flaw poses a serious risk to Linux...

/ October 2, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical Microsoft Entra ID vulnerability
FeaturedSecurity

Cybersecurity Threat Advisory: Critical Microsoft Entra ID vulnerability

A critical token validation vulnerability, tracked as CVE-2025-55241 with a CVSS of 10, in Microsoft Entra ID has been discovered. This flaw could have allowed attackers to impersonate any user, including global admins, across any tenant. Continue reading this Cybersecurity...

/ September 23, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: SonicWall SMA arbitrary file upload vulnerability
FeaturedSecurity

Cybersecurity Threat Advisory: SonicWall SMA arbitrary file upload vulnerability

Attackers are actively exploiting CVE-2025-40599, a critical vulnerability in SonicWall’s Secure Mobile Access (SMA) devices, to upload arbitrary files and gain unauthorized access. This flaw enables them to execute malicious code and compromise affected systems. The Akira ransomware group is...

/ August 8, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: CrushFTP zero-day vulnerability
FeaturedSecurity

Cybersecurity Threat Advisory: CrushFTP zero-day vulnerability

CrushFTP has disclosed a new critical vulnerability, CVE-2025-54309, which is currently being exploited in the wild. One indicator of compromise is a “last_logins” value set for internal default accounts. Review the details in this Cybersecurity Threat Advisory to help minimize...

/ July 23, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical CrushFTP vulnerability
FeaturedSecurity

Cybersecurity Threat Advisory: Critical CrushFTP vulnerability

A critical CrushFTP, CVE-2025-2825, with a CVSS score of 9.8, flaw has been discovered. It enables attackers to bypass authentication on CrushFTP servers, posing a high-severity risk to corporate environments. Continue reading this Cybersecurity Threat Advisory for details on how...

/ April 10, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Exploited Cisco backdoor flaw
FeaturedSecurity

Cybersecurity Threat Advisory: Exploited Cisco backdoor flaw

CVE-2024-20439 is a critical authentication bypass vulnerability in Cisco’s Smart Licensing Utility (CSLU). Attackers exploit this backdoor to gain unauthorized administrative access to vulnerable systems. The vulnerability affects specific versions of the standalone CSLU software, which is used to manage...

/ April 5, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical Next.js vulnerability
FeaturedSecurity

Cybersecurity Threat Advisory: Critical Next.js vulnerability

A critical security flaw, CVE-2025-29927, with a CVSS score of 9.1, has been found affecting the Next.js React framework. This vulnerability lets attackers bypass middleware authorization checks and access parts of a web application that should remain restricted. To protect...

/ March 25, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical AMI BMC vulnerability
FeaturedSecurity

Cybersecurity Threat Advisory: Critical AMI BMC vulnerability

AMI has disclosed a critical vulnerability, CVE-2024-54085, with a CVSS score of 10.0. This vulnerability allows attackers to gain remote access and execute malicious commands. Continue reading this Cybersecurity Threat Advisory to learn how to mitigate your risk. What is...

/ March 19, 2025
1 2 3 6