Tag: Cybersecurity Threat Advisory

Cybersecurity Threat Advisory: BYOVD attacks leveraged by Medusa ransomware
The Medusa ransomware-as-a-service (RaaS) operation has recently been observed using a malicious driver named ABYSSWORKER in Bring Your Own Vulnerable Driver (BYOVD) attacks. This technique allows threat actors to disable security software by exploiting legitimate, vulnerable drivers to gain kernel-level...

Cybersecurity Threat Advisory: New RAT malware
Microsoft has issued a warning about a new, sophisticated remote access trojan (RAT) called StilachiRAT. Threat actors are actively using StilachiRAT to evade detection to establish persistent access to compromised systems. Continue reading this Cybersecurity Threat Advisory to protect your...

Cybersecurity Threat Advisory: Critical AMI BMC vulnerability
AMI has disclosed a critical vulnerability, CVE-2024-54085, with a CVSS score of 10.0. This vulnerability allows attackers to gain remote access and execute malicious commands. Continue reading this Cybersecurity Threat Advisory to learn how to mitigate your risk. What is...

Cybersecurity Threat Advisory: Apache Tomcat vulnerability
A severe remote code execution (RCE) vulnerability in Apache Tomcat, identified as CVE-2025-24813, is actively exploited in the wild, allowing attackers to gain server control using a simple PUT request. Review the details in this Cybersecurity Threat Advisory to learn...

Cybersecurity Threat Advisory: Critical authentication bypass in ruby-saml
CVE-2025-25292 and CVE-2025-25291 are related to an authentication bypass vulnerability found in ruby-saml due to parser differential handling. The flaws carry a high CVSS score of 8.8. The vulnerability exists in the way ReXML and Nokogiri parse XML differently. The...

Cybersecurity Threat Advisory: EOL Juniper Networks MX routers targeted in attacks
Threat actor UNC3886 has been observed targeting end-of-life (EOL) MX routers from Juniper Networks as part of a sophisticated campaign designed to deploy custom backdoors. This group has demonstrated a particular focus on internal networking infrastructure, which allows them to...

Cybersecurity Threat Advisory: Moxa fixes severe authentication flaws
Moxa has issued a security advisory highlighting critical authorization vulnerabilities in several switch models, tracked as CVE-2024-12297, with a CVSS score of 9.2. Review the details of this Cybersecurity Threat Advisory to understand how to mitigate the impact of authentication...

Cybersecurity Threat Advisory: Vulnerability within TP-Link routers
A vulnerability that could lead to critical status, tracked as CVE-2023-1389, was identified in TP-Link Archer AX-21 routers. The Ballista botnet is currently exploiting this vulnerability, which can spread automatically across the web. Continue reading this Cybersecurity Threat Advisory to...

Cybersecurity Threat Advisory: Critical VMware vulnerabilities exploited
Three critical vulnerabilities (CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226) are actively exploited, posing a significant threat to VMware virtualization environments. Review the details in this Cybersecurity Threat Advisory to learn how to mitigate your risks. What is the threat? These vulnerabilities present...