Tag: critical vulnerability

Security experts identified a critical PostgreSQL vulnerability, CVE-2025-1094, with a CVSS of 8.1. The vulnerability poses a significant risk to database integrity in enterprise and production environments. Review this Cybersecurity Threat Advisory to learn how to mitigate your risks. What...

Mandeep Gujral / February 28, 2025

Cybersecurity Threat Advisory: Critical Juniper vulnerability

Featured Security

Cybersecurity Threat Advisory: Critical Juniper vulnerability

A critical vulnerability, CVE-2025-21589, is found in Juniper Networks’ Session Smart Router, Session Smart Conductor, and WAN Assurance Router products. This flaw enables threat actors to bypass authentication mechanisms and gain administrative control over affected devices. Continue reading this Cybersecurity...

Spartak Myrto / February 19, 2025

Cybersecurity Threat Advisory: Microsoft SharePoint connector vulnerability

Featured Security

Cybersecurity Threat Advisory: Microsoft SharePoint connector vulnerability

A critical security vulnerability was identified in Microsoft Power Platform’s SharePoint connector. The flaw allows attackers to harvest user credentials and perform unauthorized actions within the platform upon a successful exploitation. Continue reading this Cybersecurity Threat Advisory to learn how...

Stacey Landrum / February 4, 2025

Cybersecurity Threat Advisory: Aviatrix Controller vulnerability

Featured Security

Cybersecurity Threat Advisory: Aviatrix Controller vulnerability

A critical security vulnerability in the Aviatrix Controller cloud networking platform has been discovered and is actively exploited by threat actors to deploy backdoors and cryptocurrency miners. Multiple cloud deployments have reported that they have been compromised following this disclosure....

Zachary Beaudet / January 15, 2025

Cybersecurity Threat Advisory: Active exploitation of Ivanti’s Connect Secure VPN

Featured Security

Cybersecurity Threat Advisory: Active exploitation of Ivanti’s Connect Secure VPN

A critical Ivanti Connect Secure VPN vulnerability, identified as CVE-2025-0282, was disclosed. Threat actors are actively exploiting it in the wild, primarily targeting organizations relying on Ivanti’s Zero Trust Access (ZTA) solutions. Review this Cybersecurity Threat Advisory to see how...

Vincent Yu / January 13, 2025

Cybersecurity Threat Advisory: PAN-OS critical vulnerability

Featured Security

Cybersecurity Threat Advisory: PAN-OS critical vulnerability

A critical vulnerability, tracked as CVE-2024-3393 with a CVSS score of 8.7, has been identified in Palo Alto Networks’ PAN-OS software. This flaw allows unauthenticated attackers to send specially crafted packets that can reboot affected firewalls, leading to potential service...

Spartak Myrto / December 31, 2024

Cybersecurity Threat Advisory: Cleo file transfer critical vulnerability

Featured Security

Cybersecurity Threat Advisory: Cleo file transfer critical vulnerability

A critical vulnerability, identified as CVE-2024-50623, has been discovered in Cleo’s file transfer software suite. This vulnerability allows attackers to exploit an unrestricted file upload and download flaw, potentially leading to remote code execution (RCE) on vulnerable systems. Continue reading...

Stacey Landrum / December 10, 2024

Cybersecurity Threat Advisory: WordPress plugin critical vulnerabilities

Featured Security

Cybersecurity Threat Advisory: WordPress plugin critical vulnerabilities

Two critical security flaws have been identified in a WordPress plugin—Anti-Spam by CleanTalk. This plugin is installed on more than 200,000 websites. Review this Cybersecurity Threat Advisory to learn how to mitigate your risks from these vulnerabilities. What is...

Mandeep Gujral / November 28, 2024

Cybersecurity Threat Advisory: Okta username flaw

Featured Security

Cybersecurity Threat Advisory: Okta username flaw

Researchers have discovered a critical vulnerability in Okta which allows an user to authenticate to an account with a username longer than 52 characters without multi-factor authentication (MFA) enabled. Read this Cybersecurity Threat Advisory to learn how this may impact...

Devyn Souza / November 7, 2024

Cybersecurity Threat Advisory: SonicWall VPN vulnerability

Featured Security

Cybersecurity Threat Advisory: SonicWall VPN vulnerability

Fog and Akira ransomware operators are exploiting a critical SonicWall SSL VPN vulnerability, CVE-2024-40766, to breach corporate networks. Continue reading this Cybersecurity Threat Advisory to learn the tactics these groups are using and how you can reduce the risk of...

Sana Ansari / October 29, 2024

Categories

Tags

Archives

Tag: critical vulnerability

Cybersecurity Threat Advisory: Critical vulnerability in PostgreSQL

Cybersecurity Threat Advisory: Critical Juniper vulnerability

Cybersecurity Threat Advisory: Microsoft SharePoint connector vulnerability

Cybersecurity Threat Advisory: Aviatrix Controller vulnerability

Cybersecurity Threat Advisory: Active exploitation of Ivanti’s Connect Secure VPN

Cybersecurity Threat Advisory: PAN-OS critical vulnerability

Cybersecurity Threat Advisory: Cleo file transfer critical vulnerability

Cybersecurity Threat Advisory: WordPress plugin critical vulnerabilities

Cybersecurity Threat Advisory: Okta username flaw

Cybersecurity Threat Advisory: SonicWall VPN vulnerability