Threat Advisories
Detailed information and guidance on threats and vulnerabilities, focusing on its characteristics, impact, and remediation steps, released daily and weekly to provide actionable intelligence and aid in rapid response and mitigation efforts.
Strengthen Your Defenses With the Latest Intelligence
Red | Vulnerability Report
Cisco Patches Critical VPN DoS Vulnerability in ASA and FTD
Cisco patched a DoS vulnerability (CVE-2024-20481) affecting VPN functions in its ASA October 28, 2024 Red | Attack Report
Lazarus Exploits Chrome Zero-Day in Fake DeFi Game Heist
The North Korean Lazarus hacking group has leveraged a Google Chrome zero-day October 28, 2024 Amber | Attack Report
ClickFix Con: Phishing Scam Turns Video Calls into Malware Havens
In 2024, the ClickFix phishing method intensified as cybercriminals employed deceptive Google October 28, 2024 Red | Vulnerability Report
UNC5820 Exploits Critical FortiManager Zero-Day to Hijack Enterprise Networks
Fortinet has identified a zero-day vulnerability in the FortiManager API, tracked as October 25, 2024 Red | Attack Report
Bumblebee Bites Back with New Infection Chain
Bumblebee is a sophisticated malware loader first discovered in March 2022, primarily October 25, 2024 Amber | Attack Report
Exposed Docker APIs Fuel Illicit Cryptomining Surge
Threat actors have been observed targeting Docker remote API servers to install October 24, 2024 Red | Vulnerability Report
Roundcube Under Siege: Critical XSS Vulnerability Exploited in Phishing Attack
Attackers have exploited a Cross-Site Scripting (XSS) vulnerability in the Roundcube Webmail October 24, 2024 Red | Vulnerability Report
Critical Zero-Day Flaw in ScienceLogic SL1 Under Active Exploitation
CVE-2024-9537 is a critical vulnerability in the ScienceLogic SL1 platform, allowing remote October 23, 2024