Threat Advisories
Detailed information and guidance on threats and vulnerabilities, focusing on their characteristics, impact, and remediation steps, released daily and weekly to provide actionable intelligence and aid rapid response and mitigation efforts.
Strengthen Your Defenses With the Latest Intelligence
Amber | Attack Report
Threat Actors Exploit Docker and Kubernetes for Crypto Mining
A new cryptojacking campaign that exploits Docker and Kubernetes environments to mine
October 4, 2024

Amber | Attack Report
Sparkling Pisces’s Latest Tools Unveiled: KLogEXE and FPSpy Enhance Espionage Efforts
The North Korean-linked Sparkling Pisces (aka Kimsuky) has been deploying two new
September 27, 2024

Amber | Vulnerability Report
CVE-2024-45817: Deadlock Flaw in XenServer and Citrix Hypervisor
Citrix has addressed vulnerabilities in XenServer 8 and Citrix Hypervisor 8.2 CU1
September 27, 2024

Amber | Vulnerability Report
Critical Flaw in Microchip ASF Exposes Devices to Remote Code Execution
A critical vulnerability, CVE-2024-7490, has been discovered in the Microchip Advanced Software
September 27, 2024

Amber | Attack Report
SnipBot: Unpacking the Latest RomCom Malware Variant
SnipBot, a newly identified variant from the RomCom malware family, employs advanced
September 25, 2024

Amber | Vulnerability Report
Flaw in Apache Tomcat Poses DoS Risk, Threatening Service Availability
Apache Tomcat has been found to contain a newly discovered vulnerability, CVE-2024-38286,
September 25, 2024

Amber | Attack Report
North Korean Hackers Weaponize Job Offers Featuring MISTPEN
Lazarus Group, a North Korea-linked cyber-espionage organization (also known as UNC2970 and
September 25, 2024

Red | Attack Report
PondRAT Malware Hidden in Python Packages Targets Developers
PondRAT malware, linked to North Korean hackers, was found hidden in Python
September 24, 2024