Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Oracle E-Business Suite vulnerability
Oracle has issued a warning about a new security flaw in its E-Business Suite (EBS), tracked as CVE-2025-61884, with a CVSS score of 7.5. This vulnerability is remotely exploitable without authentication via HTTP and targets Oracle Configurator, a module used...
Cybersecurity Threat Advisory: MySonicWall Cloud Backup breach
SonicWall has confirmed a security breach affecting firewall configuration backups for all customers using the MySonicWall Cloud Backup service. Review the details within this Cybersecurity Threat Advisory to learn more and see how to protect your data. What is the...
Cybersecurity Threat Advisory: Critical vulnerability in Dell UnityVSA
Cybersecurity researchers at WatchTowr have disclosed a critical vulnerability in Dell UnityVSA (and related Unity platforms) tracked as CVE-2025-36604. The flaw allows an attacker with no authentication to issue arbitrary OS commands on vulnerable appliances by abusing the login redirection...
Cybersecurity Threat Advisory: RediShell allows RCE in Redis
Redis has disclosed CVE-2025-49844, a critical remote code execution vulnerability known as RediShell, with a CVSS score of 10.0. The flaw has existed for over 13 years and could allow attackers to run arbitrary commands on vulnerable systems. Thousands of...
Cybersecurity Threat Advisory: Critical Oracle EBS flaw
Oracle released an emergency update for its E-Business Suite to address the critical vulnerability CVE-2025-61882 ( with a CVSS of 9.8) because it was actively being exploited by threat actors, particularly the Cl0p ransomware group, in a recent wave of...
Cybersecurity Threat Advisory: Critical Linux sudo vulnerability
Security researchers have uncovered a serious vulnerability in sudo, the tool that runs commands with elevated privileges on Linux systems. It is tracked as CVE-2025-32463 and carries a CVSS score of 9.3. This flaw poses a serious risk to Linux...
Cybersecurity Threat Advisory: VMware zero-day vulnerability exploited
Threat actors have actively exploited a zero-day vulnerability in Broadcom VMware Tools and VMware Aria Operations (CVE-2025-41244) in the wild. The China-linked group UNC5174 (aka Uteus/Uetus) has exploited the flaw for privilege escalation in VMware-targeted attacks. Continue reading this edition...
Cybersecurity Threat Advisory: Cisco IOS and IOS XE SNMP vulnerability
Several vulnerability advisories were issued that impact devices using Cisco IOS and Cisco IOS XE firmware. Most notably, CVE-2025-20352 has already been observed in active exploitation. Continue reading this Cybersecurity Threat Advisory to mitigate your risks from this vulnerability. What...
Cybersecurity Threat Advisory: SonicWall VPNs targeted by Akira ransomware
Akira ransomware operators have launched an aggressive campaign targeting SonicWall VPN appliances. Attackers have already breached accounts protected by multi-factor authentication (MFA) successfully, leveraging vulnerabilities in SonicWall Secure Mobile Access (SMA) and SSL-VPN portals. The campaign is characterized by rapid...
Cybersecurity Threat Advisory: Cisco ASA zero-day vulnerability
Threat actors are actively exploiting two critical zero-day vulnerabilities in Cisco Secure Firewall ASA and FTD software. CVE-2025-20333 (CVSS 9.9) and CVE-2025-20362 (CVSS 6.5) allow attackers to chain exploits that bypass authentication and execute malicious code. In response, the U.S....
