Tag: Cybersecurity Threat Advisory

Cybersecurity Threat Advisory: AryStinger malware exploits legacy routers

AryStinger is a newly discovered malware family that takes over outdated home and small office (SOHO) routers. Researchers at QiAnXin XLab have identified at least 4,300 infected legacy Realtek-based routers. Read the Cybersecurity Threat Advisory to mitigate your clients’ risk...

June 25, 2026

Cybersecurity Threat Advisory: PAN-OS GlobalProtect exploit

Palo Alto Networks has confirmed that attackers are actively exploiting a security flaw in PAN-OS GlobalProtect, tracked as CVE-2026-0257 with a CVSS score of 7.8. The vulnerability affects both on-premises firewalls and Prisma Access. Review the Cybersecurity Threat Advisory for...

June 22, 2026

Cybersecurity Threat Advisory: NinjaOne RMM phishing campaign

A recent phishing campaign is using a legitimate remote access tool to take over victims’ computers, all without deploying malware. This active operation currently targets Brazilian organizations. Attackers trick employees into installing a legitimate software agent that hands over remote...

June 22, 2026

Cybersecurity Threat Advisory: Fortinet credential exposure

Security researchers have reported a large-scale “FortiBleed” compromise involving exposed Fortinet/FortiGate firewall and VPN credentials. The incident could affect tens of thousands of devices worldwide. Review the Cybersecurity Threat Advisory now to protect your clients’ systems. What is the threat?...

June 18, 2026

Cybersecurity Threat Advisory: Check Point VPN authentication bypass vulnerability exploited

CISA has issued an emergency directive requiring U.S. federal agencies to secure Check Point Remote Access VPN, Mobile Access, and Spark firewall deployments following active exploitation of a critical zero-day vulnerability (CVE-2026-50751). Continue reading this Cybersecurity Threat Advisory to learn...

June 11, 2026

Cybersecurity Threat Advisory: Critical ConnectWise Automate vulnerability

ConnectWise has disclosed a high-impact vulnerability in its ConnectWise Automate platform that could allow attackers to bypass critical integrity validation during the agent’s plugin loading and self-update mechanisms, potentially enabling malicious code execution on affected on-premises deployments. Read this Cybersecurity...

May 29, 2026

Cybersecurity Threat Advisory: ClickFix attacks

This Cybersecurity Threat Advisory has been revised based on a proactive threat hunt by Barracuda Managed XDR, which identified additional indicators of compromise (IOCs) and informed enhanced defensive guidance for customers. Threat actors are actively exploiting a critical Ghost CMS...

May 27, 2026

Cybersecurity Threat Advisory: Exchange on-premise OWA vulnerability exploited

A Microsoft Exchange Server Outlook Web Access (OWA) spoofing vulnerability, tracked as CVE-2026-42897, is actively being exploited in the wild. This issue affects Exchange Server 2016, Exchange Server 2019, and Exchange Server Subscription Edition across all update levels. Continue reading...

May 22, 2026

Cybersecurity Threat Advisory: Cisco Catalyst SD-WAN zero day vulnerability

An authentication bypass zero-day vulnerability, tracked as CVE-2026-20182 with a maximum CVSS score of 10.0, has been identified in Cisco Catalyst SD-WAN Controller and Manager. The vulnerability allows unauthenticated attackers to gain the highest level of administrative access to affected...

May 20, 2026

Cybersecurity Threat Advisory: RedSun exploits Microsoft Defender real-time protection

A new proof of concept (PoC), RedSun, exploits Windows devices running Microsoft Defender real-time protection on Windows 10, Windows 11, and Windows Server 2019+. It abuses Defender’s handling of cloud-tagged files to achieve local privilege escalation to SYSTEM. Read this...

May 15, 2026