Threat Advisories
Detailed information and guidance on threats and vulnerabilities, focusing on its characteristics, impact, and remediation steps, released daily and weekly to provide actionable intelligence and aid in rapid response and mitigation efforts.
Strengthen Your Defenses With the Latest Intelligence
Threat Level – Amber | Vulnerability Report
The Evolution of DEEP#GOSU Attack Campaign by Kimsuky Group
A sophisticated multi-stage attack campaign linked to the North Korean Kimsuky group, March 21, 2024 Threat Level – Red | Vulnerability Report
Aiohttp Vulnerability Leveraged by ShadowSyndicate
The cybercriminal group ‘ShadowSyndicate’ has been detected scanning for vulnerable servers, aiming March 21, 2024 Threat Level – Red | Vulnerability Report
Earth Krahang APT Campaign Targeting Global Governments
Earth Krahang, an APT campaign since 2022, targets global government entities, employing March 21, 2024 Threat Level – Amber | Vulnerability Report
Cisco IOS XR Flaws Enable Privilege Elevation and DoS Attacks
Three high-severity vulnerabilities have been discovered in the Cisco IOS XR software, March 18, 2024 Threat Level – Red | Vulnerability Report
Critical XSS Flaw Discovered in WP Statistics Impacting 600K Sites
A critical Cross-Site Scripting (XSS) vulnerability (CVE-2024-2194) in WP Statistics plugin, allowing March 18, 2024 Threat Level – Red | Vulnerability Report
Magnet Goblin Strikes Public-Facing Servers
Magnet Goblin, characterized by its financial incentives, strategically exploits zero-day vulnerabilities within March 18, 2024 Threat Level – Amber | Vulnerability Report
TimbreStealer Focuses On Mexico With Social Engineering
Since at least November 2023, there has been a persistent phishing spam March 14, 2024 Threat Level – Red | Vulnerability Report
Fortinet Releases Patches for Critical Vulnerabilities in Various Products
A critical SQL Injection vulnerability (CVE-2023-48788) in FortiClientEMS software enables attackers to March 14, 2024