Security Vulnerabilities | Software Updates | Targeted Attacks Apple releases fix for CVE-2025-43300 zero-day vulnerability
Pentesting Automation | Real-time Insights | Vulnerability Management Automation is transforming how penetration testing services are provided.
3D Product Configurators | Network Security Risks | State-Sponsored Cyber Threats | Vulnerability Exploitation FBI alleges Russian APT group exploiting old Cisco vulnerability (CVE-2018-0171)
Cisco Products | Mitigation Strategies | Security Vulnerability Cisco Secure Firewall vulnerability enables remote shell command injections
Cybersecurity Threats | Malware Exploitation | Software Vulnerabilities CVE-2025-8088 – WinRAR path traversal vulnerability exploited to run malicious software
Denial of Service | Security Vulnerability | Software Update Apache Tomcat vulnerabilities allow Denial of Service (DoS) attacks
Cybersecurity Threats | DDoS Attacks | HTTP/2 Vulnerabilities MadeYouReset vulnerability in HTTP2 facilitates large-scale DDoS attacks
Authentication Vulnerabilities | Cybersecurity Threats | Phishing Techniques Hackers using specialized phishing tools for downgrade attacks on FIDO authentication
Remote Code Execution | Security Vulnerabilities | Software Updates New Zoom and Xerox security updates address privilege escalation and remote code execution (RCE)
Critical Infrastructure Security | Erlang-based Platform Risks Urgent Patch Required: Cybercriminals Exploit Critical RCE Vulnerability in OT Networks
Cybersecurity | Industrial Control Systems | Vulnerability Exploitation Operational Technology (OT) networks are being extensively targeted due to vulnerabilities found in Erlang/OTP.
Cybersecurity Vulnerabilities | Exploitation of Operational Technology | Targeted Industries Researchers have observed a significant increase in remote code execution (RCE) exploits targeting the Erlang/OTP SSH protocol, with 70% of these attacks aimed at operational technology (OT) firewalls.
Cyberespionage | Cybersecurity | Vulnerabilities RomCom hackers are utilizing a zero-day vulnerability in WinRAR to conduct specific targeted attacks.
Remote Procedure Call Security | Spoofing Attacks | Vulnerability Disclosure Researchers have outlined a Windows EPM poisoning exploit sequence that can result in escalated privileges within a domain.
Cloud Security | Cybersecurity | Vulnerability Management Organizations Alerted to Security Flaw in Microsoft Exchange Hybrid Setup
HTTP Vulnerability | Protocol Upgrades | Security Mitigations A critical flaw in HTTP/1.1 has put millions of websites at risk of being seized by malicious actors.
Firmware Vulnerabilities | Keyless Entry Exploits | Vehicle Security The ‘DarkWeb’ firmware for Flipper Zero circumvents rolling code security systems used by several leading car manufacturers.
Cybersecurity Advisory | Hybrid Deployment Mitigation | Microsoft Exchange Vulnerability CISA Issues Urgent Advisory Calling on Federal Agencies to Fix Exchange Server Flaw by Monday.
Customer Guidance | Cybersecurity Vulnerabilities | Ransomware Attacks SonicWall has verified that there are no new zero-day vulnerabilities in SSLVPN, stating that the recent ransomware attack is associated with an older vulnerability.
Cybersecurity Vulnerability | Microsoft Exchange Server | Privilege Escalation A newly discovered vulnerability in Microsoft Exchange Server allows attackers to acquire administrative privileges.
Evasion Techniques | Exploitation of Vulnerabilities | Ransomware Tactics The Akira ransomware employs Windows drivers to evade antivirus and endpoint detection and response systems during attacks on SonicWall.
Cybersecurity | Remote Code Execution | Software Vulnerabilities RCE Vulnerability in AI-Powered Coding Tools Threatens Software Supply Chain Security
AI Development Tools | Cybersecurity | Software Vulnerabilities A newly identified MCPoison attack utilizes the Cursor IDE’s MCP validation process to run arbitrary commands within the system.
AI Development Risks | Cybersecurity Vulnerabilities | Remote Code Execution A vulnerability in the Cursor AI Code Editor allows for remote code execution (RCE) by swapping in a malicious MCP file after it has been approved.
Cloud Security Risks | Financial Data Manipulation | Vulnerability Exploitation A newly discovered vulnerability in Streamlit enables cybercriminals to execute cloud account takeover attacks.
Cybersecurity Threats | Mitigation Strategies | Vulnerability Management SonicWall has issued a warning about a rise in cyberattacks aimed at their Generation 7 firewalls over the past 72 hours.
Misconfiguration | Shared Responsibility Model | Vulnerability Misconfigurations Should Not Be Considered Vulnerabilities: The Expensive Misunderstanding Surrounding Security Threats.
Cybersecurity Threats | Remote Code Execution | Vulnerability Exploitation Cybercriminals have the ability to access IIS machine keys by taking advantage of a vulnerability in SharePoint’s deserialization process.
Mobile Technology | Security Updates | Vulnerability Management The August 2025 update for Android addresses a Qualcomm vulnerability that has been exploited.
Firewall Exploitation | Ransomware Attacks | Zero-Day Vulnerabilities SonicWall is actively searching for zero-day vulnerabilities following a significant increase in attacks targeting firewalls.
