Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical ServiceNow vulnerability
ServiceNow has disclosed a critical vulnerability, tracked as CVE-2026-6875, with a CVSS score of 9.5, that could allow unauthenticated attackers to execute code in affected ServiceNow environments. The flaw is classified as a sandbox escape vulnerability and affects both hosted...
Cybersecurity Threat Advisory: SilverFox deploys ValleyRAT rootkit
SilverFox threat actors are actively running a ValleyRAT campaign to bypass security controls, escalate privileges, and maintain deep system access while avoiding detection. Organizations should treat this as a high-priority threat. Continue reading this Cybersecurity Threat Advisory to protect against...
Cybersecurity Threat Advisory: Adobe ColdFusion exploited
Adobe has confirmed that attackers are actively exploiting CVE-2026-48282, a maximum-severity vulnerability in Adobe ColdFusion. Threat intelligence reports indicate exploitation began within hours of disclosure. The flaw affects ColdFusion versions 2025.9, 2023.20, and earlier, allowing remote code execution on unpatched...
Cybersecurity Threat Advisory: EvilTokens targets Microsoft 365
Recent research describes a phishing kit called EvilTokens. It is actively targeting organizations in the U.S. and Europe, especially those in finance and other high-value sectors. Barracuda recommends deploying browser-aware phishing analysis and strengthening Microsoft 365 OAuth and device-code controls....
Cybersecurity Threat Advisory: AryStinger malware exploits legacy routers
AryStinger is a newly discovered malware family that takes over outdated home and small office (SOHO) routers. Researchers at QiAnXin XLab have identified at least 4,300 infected legacy Realtek-based routers. Read the Cybersecurity Threat Advisory to mitigate your clients’ risk...
Cybersecurity Threat Advisory: PAN-OS GlobalProtect exploit
Palo Alto Networks has confirmed that attackers are actively exploiting a security flaw in PAN-OS GlobalProtect, tracked as CVE-2026-0257 with a CVSS score of 7.8. The vulnerability affects both on-premises firewalls and Prisma Access. Review the Cybersecurity Threat Advisory for...
Cybersecurity Threat Advisory: NinjaOne RMM phishing campaign
A recent phishing campaign is using a legitimate remote access tool to take over victims’ computers, all without deploying malware. This active operation currently targets Brazilian organizations. Attackers trick employees into installing a legitimate software agent that hands over remote...
Cybersecurity Threat Advisory: Fortinet credential exposure
Security researchers have reported a large-scale “FortiBleed” compromise involving exposed Fortinet/FortiGate firewall and VPN credentials. The incident could affect tens of thousands of devices worldwide. Review the Cybersecurity Threat Advisory now to protect your clients’ systems. What is the threat?...
Cybersecurity Threat Advisory: Check Point VPN authentication bypass vulnerability exploited
CISA has issued an emergency directive requiring U.S. federal agencies to secure Check Point Remote Access VPN, Mobile Access, and Spark firewall deployments following active exploitation of a critical zero-day vulnerability (CVE-2026-50751). Continue reading this Cybersecurity Threat Advisory to learn...
