Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Interlock targets Cisco Secure FMC in zero-day
Recent reporting from Amazon Threat Intelligence and multiple security researchers confirms that the Interlock ransomware group is actively exploiting a critical remote code execution vulnerability in Cisco Secure Firewall Management Center (FMC) Software. Read this Cybersecurity Threat Advisory to protect...
Cybersecurity Threat Advisory: Active exploitation of Microsoft SharePoint RCE
A critical remote code execution (RCE) vulnerability in Microsoft SharePoint caused by the deserialization of untrusted data has been discovered. Authentication is not required by attackers on unprotected systems. Review the Cybersecurity Threat Advisory now to protect you and your...
Cybersecurity Threat Advisory: FortiCloud SSO exploitation
Threat actors are actively exploiting CVE‑2026‑24858 to log into FortiOS and other Fortinet products via FortiCloud SSO (when enabled), create persistent local admin accounts, and steal device configuration files. Review the Cybersecurity Threat Advisory now to protect you and your...
Cybersecurity Threat Advisory: Critical Veeam Backup flaws
Veeam has released critical security updates for its Backup & Replication product to address seven high‑severity vulnerabilities that could allow attackers to take over backup servers and tamper with stored backups. Users can exploit these flaws if they have valid...
Cybersecurity Threat Advisory: “Zombie ZIP” archive evasion technique
A new evasion technique known as Zombie ZIP is exposing blind spots in how security tools scan archived files. By manipulating ZIP metadata, attackers can conceal malware inside archives that appear corrupted but still deliver payloads on compromised systems. Review...
Cybersecurity Threat Advisory: Apache ZooKeeper vulnerability
Recently, two important‑level severity vulnerabilities were identified in Apache ZooKeeper, a service widely used for configuration management and naming in distributed applications. These issues make timely security updates critical. The vulnerabilities could allow attackers to access sensitive configuration data or...
Cybersecurity Threat Advisory: Malware campaign targeting HR workflows
A new malware campaign known as BlackSanta is actively targeting HR and recruitment personnel through realistic job‑related lures and weaponized documents. Once victims open malicious files, the malware deploys a highly capable EDR‑killer designed to disable endpoint protection before delivering...
Cybersecurity Threat Advisory: Google security page spoofed in PWA attack
A phishing campaign is using a spoofed Google Account security page to distribute a malicious Progressive Web App (PWA). The app is designed to steal one‑time passcodes, collect cryptocurrency wallet addresses, and turn victims’ browsers into proxies for attacker traffic....
Cybersecurity Threat Advisory: APT28 targets Windows and Office via MSHTML zero‑day
Multiple security researchers and Microsoft have confirmed that the threat actor APT28 (Fancy Bear / Forest Blizzard) actively exploited a zero‑day vulnerability in the Microsoft MSHTML framework (CVE‑2026‑21513) prior to its fix in the February 2026 Patch Tuesday release. Read...
Cybersecurity Threat Advisory: PromptSpy Android malware abusing Google Gemini AI
Reported by SecurityWeek on February 20, 2026, PromptSpy is a newly identified Android malware family developed by threat actors. Its standout capability is using Google Gemini at runtime to analyze on‑screen content and help the malware remain installed and active...
