Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: ZeroDayRAT enables takeover on Android & iOS
A new commercial mobile spyware platform, ZeroDayRAT, is being promoted to cybercriminals on Telegram as a tool that provides full remote control of compromised Android and iOS devices. Researchers at mobile threat hunting company iVerify describe it as a “complete...
Cybersecurity Threat Advisory: Warlock (Storm-2603) exploits SmarterMail vulnerability
SmarterTools has confirmed that the Warlock ransomware group (Storm‑2603) breached its environment by exploiting an unpatched SmarterMail instance. Current intelligence indicates the same SmarterMail vulnerability is being actively used in the wild to gain initial access and deploy Warlock ransomware....
Cybersecurity Threat Advisory: Critical FortiClientEMS SQL injection vulnerability
An improper neutralization of special elements used in SQL commands in Fortinet FortiClientEMS 7.4.4 may allow an unauthenticated attacker to execute unauthorized code or commands through specially crafted HTTP requests. This vulnerability, tracked as CVE‑2026‑21643 with a CVSS score of...
Cybersecurity Threat Advisory: Critical RCE Flaw in BeyondTrust
A critical pre-authentication remote code execution (RCE) vulnerability has been identified in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA). If left unpatched, it may result in full system compromise, data loss, or service disruption. Review this Cybersecurity Threat...
Cybersecurity Threat Advisory: Supply chain attack impacting Notepad++
Last updated on February 9, 2026 with how Barracuda is helping partners and customers. A supply‑chain compromise affecting Notepad++’s official update infrastructure allowed threat actors to redirect some users to attacker‑controlled downloads, potentially leading to malware delivery and code execution...
Cybersecurity Threat Advisory: Compromised OpenVSX delivering GlassWorm malware
A new GlassWorm malware campaign is targeting macOS developer systems through compromised OpenVSX extensions. Continue reading this Cybersecurity Threat Advisory to learn more about this threat and how to protect your environment. What is the threat? A threat actor gained...
Cybersecurity Threat Advisory: Tsundere Bot malware loader
A new malware loader, Tsundere Bot, is increasingly used by criminal Initial Access Brokers (IABs) to compromise corporate environments and pave the way for ransomware attacks. Recent public reporting links Tsundere Bot to ClickFix‑style phishing, malicious loaders delivered through user...
Cybersecurity Threat Advisory: Ivanti RCE vulnerabilities
Security researchers at Ivanti have disclosed two high‑severity vulnerabilities in the Endpoint Manager Mobile (EPMM) platform, tracked as CVE‑2026‑1340 and CVE‑2026‑1281, both carrying a CVSS score of 9.8. Ivanti has released an initial patch, with full mitigation expected in an...
Cybersecurity Threat Advisory: TamperedChef—Malicious PDF editing application
TamperedChef is an information‑stealing malware distributed through a trojanized PDF editing tool called AppSuite PDF Editor. The application is promoted using malicious websites and Google Ads, enticing users to download what appears to be a legitimate installer. Review this Cybersecurity...
Cybersecurity Threat Advisory: Critical SolarWinds Web Help Desk flaws
SolarWinds has released security updates addressing multiple vulnerabilities in its Web Help Desk (WHD) product, including four critical flaws—CVE‑2025‑40551, CVE‑2025‑40552, CVE‑2025‑40553, and CVE‑2025‑40554—that enable authentication bypass and remote code execution (RCE). These issues allow attackers to gain unauthorized access and...
