Network edge devices continue to be a primary target for sophisticated state-sponsored actors aiming to bypass traditional perimeter defenses. Recent…
Two maximum severity vulnerabilities have been identified in a range of Fortinet products, including the widely deployed FortiGate firewalls. These…
A maximum severity vulnerability has been identified in Apache Tika, a widely used open-source content analysis toolkit. This vulnerability, designated…
A critical authentication bypass vulnerability in Fortinet's FortiWeb web application firewalls (WAF), identified as CVE-2025-64446 with a CVSS score of…
Executive Summary A targeted cyber-espionage campaign attributed to the threat group APT-C-08 is actively exploiting a high severity directory traversal…
Executive Summary A cyber-espionage group, identified as UNC6485, is actively exploiting a critical vulnerability in Gladinet's Triofox file-sharing platform. This…
Executive Summary A targeted phishing campaign is exploiting a security flaw, CVE-2025-8088, to attack government, military, and electric power sectors…
Oracle E-Business Suite (EBS), a comprehensive suite of enterprise resource planning (ERP) applications, is integral to managing core business operations…
A sophisticated, state-sponsored threat actor tracked as ArcaneDoor is actively exploiting two new zero-day vulnerabilities in Cisco firewalls. The campaign deploys a…
Executive summary Since at least early 2025, a suspected China-nexus cluster, tracked as UNC5221, has deployed the BRICKSTORM backdoor using…