Tag: Cybersecurity Threat Advisory

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Malicious VS Code extension impersonating Clawdbot

Security researchers discovered a malicious Visual Studio Code (VS Code) extension named “ClawdBot Agent” impersonating the trending AI assistant Clawdbot. Although it offers functional AI coding features, the extension secretly deploys a weaponized remote access tool on Windows systems immediately...

January 30, 2026

Cybersecurity Threat Advisory: Microsoft Office zero-day vulnerability

The threat posed by CVE‑2026‑21509 stems from how Microsoft Office handles untrusted inputs during key OLE (Object Linking and Embedding) security decisions. Review the Cybersecurity Threat Advisory below to learn more and reduce your exposure. What is the threat? With...

January 29, 2026

Cybersecurity Threat Advisory: Zero-day Cisco vulnerability

CVE‑2026‑20045 is a critical zero‑day vulnerability impacting multiple Cisco Unified Communications products and Webex Calling Dedicated Instances. Successful exploitation allows an unauthenticated attacker to achieve remote code execution. Continue reviewing this Cybersecurity Threat Advisory to learn how to mitigate your...

January 27, 2026

Cybersecurity Threat Advisory: Critical VMware vCenter Server vulnerability

CISA has added a critical VMware vCenter Server vulnerability to its Known Exploited Vulnerabilities catalog, confirming active exploitation in the wild. The flaw is tracked as CVE‑2024‑37079 with a CVSS score of 9.8. It was originally patched in June 2024...

January 27, 2026

Cybersecurity Threat Advisory: Critical FortiCloud bypass remains unpatched

Fortinet has confirmed that critical authentication bypass vulnerabilities affecting FortiCloud Single Sign-On (SSO) remain exploitable, even in environments that have already applied recent patches. Attackers are actively abusing these flaws, and Fortinet expects to issue additional fixes within the next...

January 26, 2026

Cybersecurity Threat Advisory: Telnet authentication bypass flaw

A critical security vulnerability has been identified in the GNU InetUtils Telnet daemon (telnetd) that allows unauthenticated attackers to obtain root-level access. The issue was introduced in 2015 and went undetected for nearly 11 years. Review this Cybersecurity Threat Advisory...

January 26, 2026

Cybersecurity Threat Advisory: DLL sideloading backdoors via LinkedIn messages

A multi‑faceted phishing campaign is using LinkedIn private messages to deliver weaponized payloads that execute through DLL sideloading. The activity involves legitimate‑looking PDFs, a malicious sideloaded DLL, a Python interpreter PE, and decoy archives. Review the recommendations in this Cybersecurity...

January 22, 2026

Cybersecurity Threat Advisory: Malicious browser extension in ClickFix variant

Security researchers have uncovered an active malvertising campaign abusing a fake ad‑blocking extension that intentionally crashes Google Chrome and Microsoft Edge to trick users into executing malicious commands—a new evolution of the ClickFix technique known as “CrashFix.” Read the Cybersecurity...

January 21, 2026

Cybersecurity Threat Advisory: Critical DOS vulnerability in Palo Alto Networks

Palo Alto Networks has patched a high‑severity PAN‑OS vulnerability (CVE‑2026‑0227, CVSS 7.7) that allows unauthenticated attackers to disrupt GlobalProtect VPN gateways and portals, potentially forcing affected firewalls into maintenance mode. Review this Cybersecurity Threat Advisory to protect your clients’ systems...

January 21, 2026

Cybersecurity Threat Advisory: Path traversal RCE in Gogs

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) confirmed active exploitation of a critical vulnerability in the self-hosted Git service Gogs, adding it to the Known Exploited Vulnerabilities (KEV) catalog. Federal Civilian Executive Branch agencies must apply mitigations or discontinue...

January 15, 2026