Tag: zero-day vulnerability

A critical path traversal zero-day vulnerability — tracked as CVE‑2025‑8088 — has been identified in WinRAR and related components (Windows RAR, UnRAR.dll, and the portable UnRAR source code), and is currently being actively exploited. Review the details in this Cybersecurity...

Leavar Michel / August 12, 2025

Cybersecurity Threat Advisory: CrushFTP zero-day vulnerability

Featured Security

Cybersecurity Threat Advisory: CrushFTP zero-day vulnerability

CrushFTP has disclosed a new critical vulnerability, CVE-2025-54309, which is currently being exploited in the wild. One indicator of compromise is a “last_logins” value set for internal default accounts. Review the details in this Cybersecurity Threat Advisory to help minimize...

Zachary Beaudet / July 23, 2025

Cybersecurity Threat Advisory: Microsoft SQL server zero-day vulnerability

Featured Security

Cybersecurity Threat Advisory: Microsoft SQL server zero-day vulnerability

A critical information disclosure vulnerability has been identified in Microsoft SQL Server, designated as CVE-2025-49719 with a CVSS score of 7.5. This vulnerability allows unauthorized attackers to access sensitive data over a network, posing a serious risk to organizations that...

Jack Perry / July 18, 2025

Cybersecurity Threat Advisory: Microsoft zero-day vulnerability

Featured Security

Cybersecurity Threat Advisory: Microsoft zero-day vulnerability

Microsoft disclosed a vulnerability, CVE-2025-26633, affecting the Microsoft Management Console (MMC). A known threat actor called EncryptHub is exploiting it. Read this Cybersecurity Threat Advisory to learn how to mitigate your risks from this zero-day vulnerability. What is the threat?...

Pragnashri Kusugal / March 28, 2025

Cybersecurity Threat Advisory: Apple critical zero-day vulnerability

Featured Security

Cybersecurity Threat Advisory: Apple critical zero-day vulnerability

Apple has issued emergency security updates to address a critical zero-day vulnerability, CVE-2025-24200, which has been exploited in targeted and “extremely sophisticated” attacks. This vulnerability affects iPhone and iPad users, posing significant risks to user security. Review the details of...

Sachet Karkera / February 13, 2025

Cybersecurity Threat Advisory: Fortinet zero-day vulnerability

Featured Security

Cybersecurity Threat Advisory: Fortinet zero-day vulnerability

A critical zero-day vulnerability has been found affecting Fortinet FortiOS and FortiProxy devices. This vulnerability enables attackers to bypass authentication and gain privileges. Keep reading this Cybersecurity Threat Advisory for information to keep your environment safe. What is the threat?...

Jon Abraham / January 15, 2025

Cybersecurity Threat Advisory: Ivanti zero-day vulnerabilities

Featured Security

Cybersecurity Threat Advisory: Ivanti zero-day vulnerabilities

Two vulnerabilities have been identified in Ivanti Connect Secure and Ivanti Policy Secure Gateways, CVE-2023-46805 and CVE-2024-21887 respectively, which when exploited together allow for unauthenticated remote code execution. These CVEs affect all supported versions of the products. Continue reading this...

Aniket Kapoor / January 16, 2024

Cybersecurity Threat Advisory: Critical Outlook vulnerability exploited

Featured Security

Cybersecurity Threat Advisory: Critical Outlook vulnerability exploited

Microsoft recently discovered Russian state-sponsored hacker group APT28 (“Fancybear” or “Strontium”) exploiting a critical Outlook flaw to gain access to Microsoft Exchange accounts and steal their critical information. This Cybersecurity Threat Advisory looks at the threat and recommendations to protect...

Zachary Beaudet / December 6, 2023

Cybersecurity Threat Advisory: Atlassian confluence vulnerability

Featured Security

Cybersecurity Threat Advisory: Atlassian confluence vulnerability

This Cybersecurity Threat Advisory highlights a new security flaw that has recently been discovered in Atlassian’s Confluence Data Center and Server, which could result in significant data loss if exploited. Tracked as CVE-2023-22518, this vulnerability is rated 9.1 out of...

Zachary Beaudet / November 2, 2023

Cybersecurity Threat Advisory: Cisco IOS XE zero-day vulnerability

Featured Security

Cybersecurity Threat Advisory: Cisco IOS XE zero-day vulnerability

This latest Cybersecurity Threat Advisory involves a critical authentication bypass zero-day vulnerability (CVE-2023-20198) discovered in Cisco IOS XE software, allowing unauthenticated attackers to gain full administrator privileges over affected routers and switches. This vulnerability is of utmost concern as it...

Anthony Fusco / October 18, 2023

Categories

Tags

Archives

Tag: zero-day vulnerability

Cybersecurity Threat Advisory: WinRAR zero-day exploited

Cybersecurity Threat Advisory: CrushFTP zero-day vulnerability

Cybersecurity Threat Advisory: Microsoft SQL server zero-day vulnerability

Cybersecurity Threat Advisory: Microsoft zero-day vulnerability

Cybersecurity Threat Advisory: Apple critical zero-day vulnerability

Cybersecurity Threat Advisory: Fortinet zero-day vulnerability

Cybersecurity Threat Advisory: Ivanti zero-day vulnerabilities

Cybersecurity Threat Advisory: Critical Outlook vulnerability exploited

Cybersecurity Threat Advisory: Atlassian confluence vulnerability

Cybersecurity Threat Advisory: Cisco IOS XE zero-day vulnerability