Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical SAP NetWeaver vulnerabilities
Researchers have uncovered a chained vulnerability in SAP NetWeaver Visual Composer involving authentication bypass and insecure deserialization. These critical flaws—tracked as CVE-2025-31324 and CVE-2025-42999—are currently being exploited in an active threat campaign targeting exposed Visual Composer servers. Review the details...
Cybersecurity Threat Advisory: SonicWall VPN attacked
There has been a rise in ransomware attacks targeting SonicWall. Many incidents trace back to migrations from Gen 6 to Gen 7 firewalls, where local user passwords were carried over without being reset. Review this Cybersecurity Threat Advisory to ensure...
Cybersecurity Threat Advisory: Critical NetScaler Gateway vulnerability
A threat campaign is actively exploiting a critical vulnerability, CVE-2025-6543, in Citrix NetScaler ADC and Gateway appliances configured as a Gateway or AAA virtual server. Review this Cybersecurity Threat Advisory for detailed guidance and recommended actions to mitigate your risk....
Cybersecurity Threat Advisory: Microsoft Exchange high-severity vulnerability
CVE-2025-53786 is a high-severity vulnerability affecting Microsoft Exchange servers, allowing attackers to move laterally within Microsoft cloud environments and potentially compromise entire domains. Currently, approximately 29,000 Exchange servers remain unpatched, leaving organizations exposed to significant risk. Review the information in...
Cybersecurity Threat Advisory: WinRAR zero-day exploited
A critical path traversal zero-day vulnerability — tracked as CVE‑2025‑8088 — has been identified in WinRAR and related components (Windows RAR, UnRAR.dll, and the portable UnRAR source code), and is currently being actively exploited. Review the details in this Cybersecurity...
Cybersecurity Threat Advisory: SonicWall SMA arbitrary file upload vulnerability
Attackers are actively exploiting CVE-2025-40599, a critical vulnerability in SonicWall’s Secure Mobile Access (SMA) devices, to upload arbitrary files and gain unauthorized access. This flaw enables them to execute malicious code and compromise affected systems. The Akira ransomware group is...
Cybersecurity Threat Advisory: SonicWall SSL VPN targeted by Akira ransomware – updated
Update: This post was updated on August 7, 2025, to reflect corrected information regarding this threat. An Akira ransomware campaign is specifically targeting SonicWall SSL VPN devices. Attackers are actively exploiting these vulnerabilities to gain unauthorized access to corporate networks....
Cybersecurity Threat Advisory: Critical PaperCut NG/MF CSRF flaw
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2023-2533, a critical PaperCut NG/MF print management software vulnerability, to its Known Exploited Vulnerabilities (KEV) catalog. Attackers are actively exploiting this cross-site request forgery (CSRF) flaw in the wild. Review...
Cybersecurity Threat Advisory: Active Microsoft 365 ‘Direct Send’ exploitation
Security researchers have identified an active phishing campaign that exploits Microsoft 365’s “Direct Send” feature to bypass email security controls. This tactic allows attackers to deliver malicious emails that appear to originate from internal users. Continue reading this Cybersecurity Threat...
Cybersecurity Threat Advisory: Vulnerability in Google’s Gemini for Workspace
A newly discovered vulnerability in Google’s Gemini for Workspace allows attackers to manipulate artificial intelligence (AI)-generated email summaries. Threat actors embed concealed instructions in seemingly benign emails to bypass traditional email security. Review the details within this Cybersecurity Threat Advisory...
