Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: ServiceNow AI Platform vulnerability
ServiceNow has revealed details of a critical vulnerability—now patched—in its AI Platform that could allow an unauthenticated attacker to impersonate any user and execute actions with that user’s privileges. Review this Cybersecurity Threat Advisory now to mitigate your risk and...
Cybersecurity Threat Advisory: Urgent patch for Trend Micro RCE flaw
Trend Micro has released security updates addressing multiple vulnerabilities in on-premises versions of Apex Central. The most critical issue, CVE-2025-69258 with a CVSS score of 9.8, is a remote code execution vulnerability in LoadLibraryEX. Two other vulnerabilities, CVE-2025-69259 with a...
Cybersecurity Threat Advisory: Unauthenticated RCE vulnerability in n8n
A severe unauthenticated remote code execution (RCE) vulnerability nicknamed “Ni8mare” has been discovered in the n8n workflow automation platform. This flaw, tracked as CVE-2026-21858, allows attackers to take full control of vulnerable n8n instances without needing credentials. Read this Cybersecurity Threat...
Cybersecurity Threat Advisory: AdonisJS Bodyparser vulnerability
A severe security flaw has been identified in the @adonisjs/bodyparser npm package, a core component of the AdonisJS TypeScript-first web framework. Tracked as CVE-2026-21440, the vulnerability stems from a path traversal issue in the multipart file handling mechanism. If exploited,...
Cybersecurity Threat Advisory: Critical n8n vulnerability
A severe vulnerability, tracked as CVE-2025-68668 with a CVSS score of 9.9, was recently discovered in n8n, an open-source workflow automation platform. The flaw enables authenticated users with create or modify workflows permissions to execute arbitrary system commands on the...
Cybersecurity Threat Advisory: Critical vulnerability in IBM API Connect
A newly disclosed security vulnerability, CVE-2025-13915, affects IBM API Connect. This flaw could allow a remote attacker to bypass authentication and gain unauthorized access to applications. Review this Cybersecurity Threat Advisory for steps to mitigate your risk. What is the...
Cybersecurity Threat Advisory: MongoDB RCE vulnerability
MongoDB has disclosed a high‑severity vulnerability, tracked as CVE‑2025‑14847, that could allow unauthenticated remote code execution (RCE). The flaw stems from the Zlib compression handler and can be exploited with low complexity, posing a serious risk to data confidentiality and...
Cybersecurity Threat Advisory: HPE OneView vulnerability enables RCE
A newly disclosed vulnerability, tracked as CVE‑2025‑37164, affects the Hewlett Packard Enterprise (HPE) OneView product and has been assigned a CVSS score of 10.0. Read this Cybersecurity Threat Advisory for more details and recommended steps to protect your environment. What...
Cybersecurity Threat Advisory: n8n vulnerability
The n8n workflow automation platform vulnerability, tracked as CVE‑2025‑68613, enables authenticated attackers to execute arbitrary code via expression injection in workflow definitions. Review this Cybersecurity Threat Advisory for actionable steps to mitigate your risk from this flaw. What is the...
Cybersecurity Threat Advisory: New SantaStealer malware
A new malware-as-a-service (MaaS) info-stealer, SantaStealer, is actively promoted on Telegram and underground forums, with operators reportedly beginning its release ahead of year-end 2025. Read this Cybersecurity Threat Advisory to learn how to reduce your risk from this emerging threat....
