Threat Advisories
Detailed information and guidance on threats and vulnerabilities, focusing on its characteristics, impact, and remediation steps, released daily and weekly to provide actionable intelligence and aid in rapid response and mitigation efforts.
Strengthen Your Defenses With the Latest Intelligence
Red | Vulnerability Report
UNC5820 Exploits Critical FortiManager Zero-Day to Hijack Enterprise Networks
Fortinet has identified a zero-day vulnerability in the FortiManager API, tracked as October 25, 2024 Red | Attack Report
Bumblebee Bites Back with New Infection Chain
Bumblebee is a sophisticated malware loader first discovered in March 2022, primarily October 25, 2024 Amber | Attack Report
Exposed Docker APIs Fuel Illicit Cryptomining Surge
Threat actors have been observed targeting Docker remote API servers to install October 24, 2024 Red | Vulnerability Report
Roundcube Under Siege: Critical XSS Vulnerability Exploited in Phishing Attack
Attackers have exploited a Cross-Site Scripting (XSS) vulnerability in the Roundcube Webmail October 24, 2024 Red | Vulnerability Report
Critical Zero-Day Flaw in ScienceLogic SL1 Under Active Exploitation
CVE-2024-9537 is a critical vulnerability in the ScienceLogic SL1 platform, allowing remote October 23, 2024 Amber | Attack Report
Crypt Ghouls Deployed LockBit and Babuk to Paralyze Russian Firms
Crypt Ghouls, a rising cybercrime group, launched a wave of ransomware attacks October 23, 2024 Amber | Vulnerability Report
New ‘HM-Surf’ Vulnerability Could Expose MacOS Data
The macOS vulnerability known as HM Surf (CVE-2024-44133), allows attackers to bypass October 21, 2024 Red | Attack Report
Iranian Cyber Actors Target Critical Infrastructure
Iranian cyber actors have been targeting critical infrastructure sectors, such as healthcare, October 21, 2024