Under Medusa’s Gaze: GoAnywhere Zero-Day Powers Ransomware Attacks
Executive Summary A critical deserialization vulnerability in Fortra GoAnywhere MFT (CVE-2025-10035 , with a CVSS score of 10.0) has been…
0 Comments
October 8, 2025
Firewall on Fire: Critical CVE-2025-9242 Hits WatchGuard Firebox
WatchGuard has issued urgent security updates to address a critical vulnerability, CVE-2025-9242, affecting its Firebox firewalls. This high-severity flaw could allow…
Comments Off on Firewall on Fire: Critical CVE-2025-9242 Hits WatchGuard Firebox
September 22, 2025
From License to Root: Critical Flaw in Fortra GoAnywhere MFT
A critical vulnerability has been identified in Fortra's GoAnywhere Managed File Transfer (MFT) platform, posing a significant risk to organizations…
Comments Off on From License to Root: Critical Flaw in Fortra GoAnywhere MFT
September 22, 2025
WeepSteel Rises: Attackers Exploit Critical Sitecore Deserialization Bug
Executive Summary A critical zero-day vulnerability in Sitecore, tracked as CVE-2025-53690, has been exploited in the wild to deploy the…
Comments Off on WeepSteel Rises: Attackers Exploit Critical Sitecore Deserialization Bug
September 12, 2025
81 Flaws Fixed, Two Zero Days In Microsoft’s September 2025 Patch Tuesday
The biggest day of the month is here! This Patch Tuesday, Microsoft has released patches for 81 flaws, including 9…
Comments Off on 81 Flaws Fixed, Two Zero Days In Microsoft’s September 2025 Patch Tuesday
September 10, 2025
Stealth in the Storm! Breaking Down Salt Typhoon’s Global Cyber Campaign
Executive Summary Salt Typhoon, a China-linked advanced persistent threat (APT) group, has been conducting a persistent cyber-espionage campaign since at…
Comments Off on Stealth in the Storm! Breaking Down Salt Typhoon’s Global Cyber Campaign
August 29, 2025
Gayfemboy Malware Emerges: Next-Gen Mirai Variant Targets Cisco and TP-Link Routers
Executive Summary FortiGuard Labs has uncovered a new malware strain dubbed Gayfemboy, a Mirai successor that aggressively targets routers and…
Comments Off on Gayfemboy Malware Emerges: Next-Gen Mirai Variant Targets Cisco and TP-Link Routers
August 26, 2025
New MadeYouReset Exploit Bypasses HTTP/2 DoS Protections
A novel attack technique named MadeYouReset has been discovered, targeting multiple implementations of the HTTP/2 protocol. This flaw, sitting at a comfortable…
Comments Off on New MadeYouReset Exploit Bypasses HTTP/2 DoS Protections
August 18, 2025
107 Flaws Fixed, One Zero Day In Microsoft’s August 2025 Patch Tuesday
August's Patch Tuesday has arrived! This month, Microsoft has released patches for 107 flaws, including 13 critical bugs and one…
Comments Off on 107 Flaws Fixed, One Zero Day In Microsoft’s August 2025 Patch Tuesday
August 13, 2025
Ghost Calls: Stealthy C2 Attack Exploits Zoom, Teams, and Meet
A novel attack technique dubbed "Ghost Calls" has emerged, exploiting web conferencing platforms like Zoom, Microsoft Teams, and Google Meet…
Comments Off on Ghost Calls: Stealthy C2 Attack Exploits Zoom, Teams, and Meet
August 11, 2025