Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Vulnerability within TP-Link routers
A vulnerability that could lead to critical status, tracked as CVE-2023-1389, was identified in TP-Link Archer AX-21 routers. The Ballista botnet is currently exploiting this vulnerability, which can spread automatically across the web. Continue reading this Cybersecurity Threat Advisory to...
Cybersecurity Threat Advisory: Critical VMware vulnerabilities exploited
Three critical vulnerabilities (CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226) are actively exploited, posing a significant threat to VMware virtualization environments. Review the details in this Cybersecurity Threat Advisory to learn how to mitigate your risks. What is the threat? These vulnerabilities present...
Cybersecurity Threat Advisory: Critical vulnerability in PostgreSQL
Security experts identified a critical PostgreSQL vulnerability, CVE-2025-1094, with a CVSS of 8.1. The vulnerability poses a significant risk to database integrity in enterprise and production environments. Review this Cybersecurity Threat Advisory to learn how to mitigate your risks. What...
Cybersecurity Threat Advisory: Check Point’s flaw under active exploitation
A threat cluster dubbed “Green Nailao” is targeting European organizations, particularly in the healthcare sector, using Check Point Network Gateway Security vulnerability, CVE-2024-24919. Continue reading this Cybersecurity Threat Advisory to learn how to mitigate your risk. What is the threat?...
Cybersecurity Threat Advisory: New OpenSHH vulnerabilities
Two OpenSSH vulnerabilities, CVE-2025-26465 and CVE-2025-26466, affect multiple versions of OpenSSH. These vulnerabilities can be exploited for man-in-the-middle (MitM) attacks or cause a denial-of-service (DoS) attack. Review this Cybersecurity Threat Advisory to mitigate your risk. What is the threat? OpenSSH...
Cybersecurity Threat Advisory: Xerox printer vulnerabilities
Two vulnerabilities, CVE-2024-12510 and CVE-2024-12511, have been found in the Xerox VersaLink C7025 Multifunction Printer. Upon successful exploitation, bad actors can capture authentication credentials through pass-back attacks via lightweight directory access protocol (LDAP), server message block (SMB), and file transfer...
Cybersecurity Threat Advisory: Critical Juniper vulnerability
A critical vulnerability, CVE-2025-21589, is found in Juniper Networks’ Session Smart Router, Session Smart Conductor, and WAN Assurance Router products. This flaw enables threat actors to bypass authentication mechanisms and gain administrative control over affected devices. Continue reading this Cybersecurity...
Cybersecurity Threat Advisory: Brute force attack targeting edge devices
The Shadowserver Foundation uncovered a large brute force attack, with approximately 2.8 million IPs launching attacks on edge devices like firewalls, routers, and VPNs. Continue to read this Cybersecurity Threat Advisory to learn how you can mitigate the risks of...
Cybersecurity Threat Advisory: High-severity PAN-OS vulnerability
A high-severity authentication bypass vulnerability in PAN-OS software, CVE-2025-0108, was disclosed. This flaw allows unauthenticated attackers with network access to bypass authentication and invoke PHP scripts, compromising system integrity and confidentiality. Read this Cybersecurity Threat Advisory to learn how you can...
Cybersecurity Threat Advisory: Apple critical zero-day vulnerability
Apple has issued emergency security updates to address a critical zero-day vulnerability, CVE-2025-24200, which has been exploited in targeted and “extremely sophisticated” attacks. This vulnerability affects iPhone and iPad users, posing significant risks to user security. Review the details of...
