Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: High-severity PAN-OS vulnerability
A high-severity authentication bypass vulnerability in PAN-OS software, CVE-2025-0108, was disclosed. This flaw allows unauthenticated attackers with network access to bypass authentication and invoke PHP scripts, compromising system integrity and confidentiality. Read this Cybersecurity Threat Advisory to learn how you can...
Cybersecurity Threat Advisory: Apple critical zero-day vulnerability
Apple has issued emergency security updates to address a critical zero-day vulnerability, CVE-2025-24200, which has been exploited in targeted and “extremely sophisticated” attacks. This vulnerability affects iPhone and iPad users, posing significant risks to user security. Review the details of...
Cybersecurity Threat Advisory: Critical vulnerabilities in Kemp LoadMaster
Kemp LoadMaster Load Balancer contains five high-severity vulnerabilities that can cause major disruptions to a network upon a successful exploitation. Review this Cybersecurity Threat Advisory to learn how to protect against these vulnerabilities. What is the threat? Kemp LoadMaster disclosed...
Cybersecurity Threat Advisory: Severe Cisco ISE vulnerabilities
Two critical vulnerabilities have been identified in Cisco’s Identity Services Engine (ISE). These vulnerabilities can enable attackers to execute arbitrary commands with root privileges and bypass authorization mechanisms, potentially compromising the security and integrity of network access controls. Continue reading...
Cybersecurity Threat Advisory: Critical Azure vulnerabilities
Microsoft revealed two critical vulnerabilities in Microsoft Azure AI Face Service, a cloud-based facial recognition tool. They enable attackers to bypass authentication. Review the details within this Cybersecurity Threat Advisory to discover the key steps to safeguard your environment. What...
Cybersecurity Threat Advisory: Microsoft SharePoint connector vulnerability
A critical security vulnerability was identified in Microsoft Power Platform’s SharePoint connector. The flaw allows attackers to harvest user credentials and perform unauthorized actions within the platform upon a successful exploitation. Continue reading this Cybersecurity Threat Advisory to learn how...
Cybersecurity Threat Advisory: MintsLoader campaign threat
A cyber campaign has been identified using the MintsLoader malware loader to deliver secondary payloads, such as the StealC information stealer and the legitimate open-source network computing platform, BOINC. This campaign has primarily targeted sectors such as electricity, oil and...
Cybersecurity Threat Advisory: Ransomware attacks on ESXi systems
New ransomware attacks were discovered targeting ESXi systems that use stealthy SSH tunnels to direct traffic to command-and-control (C2) infrastructure, enabling attackers to remain undetected. Continue reading this Cybersecurity Threat Advisory to discover the key steps to safeguard your environment....
Cybersecurity Threat Advisory: Apple iOS zero-day vulnerability
Apple has released critical security updates to address an actively exploited zero-day vulnerability, tracked as CVE-2025-24085. Continue reading this Cybersecurity Threat Advisory in full to learn what devices are affected and how you can mitigate your risk regarding this vulnerability....
Cybersecurity Threat Advisory: Fortinet authentication vulnerability
A critical Fortinet authentication bypass vulnerability, CVE-2024-55591, is actively exploited in the wild. This vulnerability impacts FortiOS and FortiProxy, with a CVSS score of 9.6. Continue reading this Cybersecurity Threat Advisory to learn the necessary steps to protect your environment....