Tag: Cybersecurity Threat Advisory

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Cisco AsyncOS zero-day vulnerability
FeaturedSecurity

Cybersecurity Threat Advisory: Cisco AsyncOS zero-day vulnerability

Cisco has disclosed a zero‑day vulnerability in AsyncOS that is actively being exploited, with a CVSS of 10.0. The Cybersecurity and Infrastructure Security Agency (CISA) added the CVE to its KEV catalog. Review this Cybersecurity Threat Advisory to reduce exposure...

/ December 19, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: FreePBX critical vulnerabilities
FeaturedSecurity

Cybersecurity Threat Advisory: FreePBX critical vulnerabilities

Several vulnerabilities in the FreePBX platform have been disclosed and patched, including a critical authentication bypass and flaws enabling SQL injection and arbitrary file upload. Read this Cybersecurity Threat Advisory for an analysis, remediation steps, and detection guidance. What is...

/ December 17, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Gogs zero-day vulnerability
FeaturedSecurity

Cybersecurity Threat Advisory: Gogs zero-day vulnerability

A high-severity, unpatched vulnerability in the Gogs self-hosted Git service is being tracked as CVE-2025-8110. With a CVSS score of 8.7, it is under active exploitation, with more than 700 compromised instances exposed on the internet. Review this Cybersecurity Threat...

/ December 15, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: WinRAR vulnerability exploit
FeaturedSecurity

Cybersecurity Threat Advisory: WinRAR vulnerability exploit

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2025-6218, a path traversal vulnerability in WinRAR for Windows, to its Known Exploited Vulnerabilities (KEV) catalog following confirmed exploitation by multiple advanced persistent threat (APT) groups. Read this Cybersecurity Threat Advisory...

/ December 15, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical FortiCloud SSO flaws
FeaturedSecurity

Cybersecurity Threat Advisory: Critical FortiCloud SSO flaws

Fortinet has disclosed two critical authentication bypass vulnerabilities in its FortiCloud SSO login feature. Both carry a CVSS score of 9.8, signaling near-maximum severity. Read this Cybersecurity Threat Advisory for more details on how to secure your network infrastructure. What...

/ December 12, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical Microsoft Outlook vulnerability
FeaturedSecurity

Cybersecurity Threat Advisory: Critical Microsoft Outlook vulnerability

A newly disclosed Microsoft Outlook vulnerability, tracked as CVE-2025-62562, could allow for remote code execution (RCE). Read this Cybersecurity Threat Advisory to mitigate you and your clients’ risk now. What is the threat? This use-after-free vulnerability introduces a use-after-free flaw...

/ December 11, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical ArrayOS VPN flaw
FeaturedSecurity

Cybersecurity Threat Advisory: Critical ArrayOS VPN flaw

Attackers are exploiting a command injection vulnerability in ArrayOS AG VPN devices to plant PHP webshells and create rogue users. CISA has added this vulnerability to the Known Exploited Vulnerabilities (KEV) catalog. Review this Cybersecurity Threat Advisory to discover recommended...

/ December 10, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Apache Tika vulnerability
FeaturedSecurity

Cybersecurity Threat Advisory: Apache Tika vulnerability

A maximum-severity Extensible Markup Language (XML) External Entity (XXE) injection vulnerability has been disclosed in Apache Tika, tracked as CVE-2025-66516 with a CVSS score of 10.0. Review this Cybersecurity Threat Advisory now to mitigate your risk and potential impact. What...

/ December 10, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Android framework exploits
FeaturedSecurity

Cybersecurity Threat Advisory: Android framework exploits

Google released the December 2025 Android Security Update to address 107 vulnerabilities across the Android OS and vendor components. The most critical aspect of this release is the remediation of two high-severity vulnerabilities. Review this Cybersecurity Threat Advisory to limit...

/ December 6, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical React2Shell vulnerability
FeaturedSecurity

Cybersecurity Threat Advisory: Critical React2Shell vulnerability

There are two critical unauthenticated remote code execution vulnerabilities in the React Server Components (RSC) “Flight” protocol. Continue reading this Cybersecurity Threat Advisory to learn how to protect you and your clients’ environments. What is the threat? These critical vulnerabilities...

/ December 6, 2025
1 7 8 9 10 11 73