Tag: Cybersecurity Threat Advisory

Security researchers and CISA have warned that Fortinet FortiWeb appliances with unsupported versions are actively being exploited. Fortinet has issued patches for supported versions, but many organizations still run outdated FortiWeb devices, leaving them exposed. Read the Cybersecurity Threat Advisory...

Vincent Yu / December 5, 2025

Cybersecurity Threat Advisory: Oracle Identity Manager vulnerability

Featured Security

Cybersecurity Threat Advisory: Oracle Identity Manager vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a critical flaw impacting Oracle Identity Manager to its Known Exploited Vulnerabilities (KEV) catalog. Read this Cybersecurity Threat Advisory to learn about the current risk and apply relevant patches now. What...

Zachary Beaudet / November 26, 2025

Cybersecurity Threat Advisory: Critical Grafana SCIM vulnerability

Featured Security

Cybersecurity Threat Advisory: Critical Grafana SCIM vulnerability

A critical security vulnerability in Grafana Enterprise could allow attackers to escalate privileges and impersonate users. Tracked as CVE-2025-41115, the flaw carries the maximum CVSS score of 10.0. Continue reading this Cybersecurity Threat Advisory to learn how to protect you...

Mandeep Gujral / November 25, 2025

Cybersecurity Threat Advisory: 7-Zip symbolic link vulnerability

Featured Security

Cybersecurity Threat Advisory: 7-Zip symbolic link vulnerability

Attackers are actively exploiting a high-severity 7-Zip vulnerability, CVE-2025-11001. Attackers use malicious archives to abuse symbolic links, forcing writes outside the intended extraction directory and enabling remote code execution (RCE) when users interact. Review this Cybersecurity Threat Advisory for remediation...

Sourabh Verma / November 25, 2025

Cybersecurity Threat Advisory: Fortinet FortiWeb vulnerability exploited

Featured Security

Cybersecurity Threat Advisory: Fortinet FortiWeb vulnerability exploited

A Fortinet FortiWeb path traversal-driven authentication bypass vulnerability is actively exploited in the wild, affecting versions prior to 8.0.2. Researchers have observed automated spraying at scale. Review this Cybersecurity Threat Advisory to learn how to best protect your environment and...

Sana Ansari / November 18, 2025

Cybersecurity Threat Advisory: Severe N-able vulnerabilities

Featured Security

Cybersecurity Threat Advisory: Severe N-able vulnerabilities

Two critical vulnerabilities were disclosed by N-able in the N-central RMM platform, with one having a maximum severity rating. To help safeguard you and your customers’ environments, please review the best practices outlined in this Cybersecurity Threat Advisory. What is...

Mandeep Gujral / November 18, 2025

Cybersecurity Threat Advisory: Cisco and Citrix zero-day exploits

Featured Security

Cybersecurity Threat Advisory: Cisco and Citrix zero-day exploits

An advanced threat actor is exploiting two previously disclosed zero-day vulnerabilities in Cisco Identity Services Engine (ISE) and Citrix NetScaler ADC to deploy custom malware and maintain persistence on targeted networks. Reports indicate the attacker is chaining appliance exploits to...

Aniket Kapoor / November 17, 2025

Cybersecurity Threat Advisory: Critical Windows Kernel zero-day vulnerability

Featured Security

Cybersecurity Threat Advisory: Critical Windows Kernel zero-day vulnerability

CVE-2025-62215 is a Windows Kernel flaw that lets attackers escalate to SYSTEM privileges, persist, access data, and move laterally. Attackers are actively exploiting this zero-day in the wild. Review this Cybersecurity Threat Advisory for best practices and recommendations to mitigate...

Leavar Michel / November 14, 2025

Cybersecurity Threat Advisory: Critical WatchGuard Fireware vulnerability

Featured Security

Cybersecurity Threat Advisory: Critical WatchGuard Fireware vulnerability

CISA has added CVE-2025-9242 to its Known Exploited Vulnerabilities (KEV) catalog following confirmed exploitation in the wild. This critical flaw allows unauthenticated remote code execution (RCE) via malformed IKEv2 VPN packets in WatchGuard Fireware. Continue reading this Cybersecurity Threat Advisory...

Stacey Landrum / November 14, 2025

Categories

Tags

Archives

Tag: Cybersecurity Threat Advisory

Cybersecurity Threat Advisory: FortiWeb vulnerabilities in unsupported versions

Cybersecurity Threat Advisory: Oracle Identity Manager vulnerability

Cybersecurity Threat Advisory: Critical Grafana SCIM vulnerability

Cybersecurity Threat Advisory: 7-Zip symbolic link vulnerability

Cybersecurity Threat Advisory: Fortinet FortiWeb vulnerability exploited

Cybersecurity Threat Advisory: Severe N-able vulnerabilities

Cybersecurity Threat Advisory: Cisco and Citrix zero-day exploits

Cybersecurity Threat Advisory: Critical Windows Kernel zero-day vulnerability

Cybersecurity Threat Advisory: Critical WatchGuard Fireware vulnerability