Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Storm-1175 exploits zero-days to deploy Medusa ransomware
Storm-1175 is a threat actor using a rapid sequence of zero-day and N-day exploits to deploy Medusa ransomware against internet-facing assets. This high-velocity attack pattern has been highlighted by security researchers, who emphasize the heightened risk posed by exposed perimeter...
Cybersecurity Threat Advisory: Active exploitation of Fortinet SQL injection vulnerability
Fortinet has issued urgent security guidance following the active exploitation of a critical SQL injection vulnerability affecting FortiClient Enterprise Management Server (EMS). The flaw allows unauthenticated attackers to achieve remote code execution through specially crafted HTTP requests sent to the...
Cybersecurity Threat Advisory: Axios NPM compromised by supply chain attack
The widely used HTTP client Axios was compromised recently in an incident that many researchers are attributing to a North Korean–linked cyberattack. Attackers gained access to the NPM account of an Axios maintainer, “jasonsaayman,” and published two malicious versions of...
Cybersecurity Threat Advisory: RoadK1ll Node.js WebSocket implant
Recent reporting has identified a Node.js–based post-exploitation implant known as RoadK1ll, observed in real-world intrusions as a lateral movement and network pivoting tool. Read this Cybersecurity Threat Advisory to protect you and your clients’ environments. What is the threat? RoadK1ll...
Cybersecurity Threat Advisory: Apple security updates for iOS vulnerabilities
Apple has released urgent security updates for older iPhones and iPads to address multiple vulnerabilities actively exploited in the wild via the Coruna exploit kit—a sophisticated attack framework used by both espionage groups and cybercriminals. Read this Cybersecurity Threat Advisory...
Cybersecurity Threat Advisory: PureLog Stealer malware campaign
A new malware campaign is using deceptive copyright infringement notices to distribute PureLog Stealer, targeting organizations across multiple sectors and countries. The malware operates primarily in memory and employs evasion techniques such as DLL sideloading to bypass traditional security controls....
Cybersecurity Threat Advisory: Telecoms targeted with new malware
A China‑linked advanced persistent threat group, UAT‑9244, has been targeting telecommunications (telecom) providers in South America since at least 2024. Learn more about this targeted campaign and how to protect your environment in this Cybersecurity Threat Advisory. What is the...
Cybersecurity Threat Advisory: Critical NetScaler ADC and Gateway vulnerability
Citrix has released security updates to address a critical information disclosure vulnerability affecting NetScaler ADC and NetScaler Gateway. The flaw allows unauthenticated remote attackers to retrieve sensitive information from vulnerable appliances via the HTTP/HTTPS interface. Read this Cybersecurity Threat Advisory...
Cybersecurity Threat Advisory: Interlock targets Cisco Secure FMC in zero-day
Recent reporting from Amazon Threat Intelligence and multiple security researchers confirms that the Interlock ransomware group is actively exploiting a critical remote code execution vulnerability in Cisco Secure Firewall Management Center (FMC) Software. Read this Cybersecurity Threat Advisory to protect...
Cybersecurity Threat Advisory: Active exploitation of Microsoft SharePoint RCE
A critical remote code execution (RCE) vulnerability in Microsoft SharePoint caused by the deserialization of untrusted data has been discovered. Authentication is not required by attackers on unprotected systems. Review the Cybersecurity Threat Advisory now to protect you and your...
