SolarWinds has released important security updates to address several critical vulnerabilities impacting its Web Help Desk (WHD) product. These issues…
Executive Summary An ongoing phishing campaign is impersonating LastPass and abusing Amazon S3–hosted URLs as the first redirect hop to…
A coordinated exploitation campaign targeted Adobe ColdFusion servers across the globe during the Christmas 2025 holiday period, generating 5,940 malicious…
SonicWall has released security updates to remediate an actively exploited local privilege escalation vulnerability, tracked as CVE-2025-40602, affecting Secure Mobile…
Cybercriminals and nation-state advanced persistent threat (APT) groups are increasingly adopting stealth-driven, persistence-focused operational models that rely less on zero-day…
The discovery of CVE-2025-41115 exposes a critical security weakness in the Grafana Enterprise SCIM (System for Cross-domain Identity Management) component,…
The discovery of widespread exploitation of a critical XWiki vulnerability CVE-2025-24893 reveals a severe threat to organizations running unpatched instances.…
Cybercriminals and advanced persistent threat (APT) actors continue to evolve toward stealthier, persistence-focused, and profit-driven operations. Recent intelligence reports reveal…
A critical vulnerability, CVE-2025-54236, dubbed SessionReaper, is currently under active exploitation in Adobe Commerce and Magento Open-Source platforms. The flaw…
On October 22, 2025, the Internet Systems Consortium (ISC) disclosed multiple vulnerabilities in BIND 9, the world’s most widely used…