A recently patched firewall flaw in Palo Alto Networks PAN-OS, tracked as CVE-2025-0108, lets cybercriminals with network access to the management web interface bypass authentication and execute certain PHP scripts. Although this doesn’t lead to remote execution of malicious code, this critical flaw still poses risks to the integrity and security of PAN-OS products. The […]
Two newly uncovered security flaws in the open-source OpenSSH suite tracked as CVE-2025-26465 and CVE-2025-26466 could enable adversaries to launch machine-in-the-middle/man-in-the-middle (MitM) or denial-of-service (DoS) attacks. With the growing number of weaponized CVEs, proactive detection of vulnerability exploitation is more critical than ever. In just the first two months of 2025, 6,127 new vulnerabilities have […]
A novel PostgreSQL flaw, CVE-2025-1094, has hit the headlines. Defenders recently revealed that attackers responsible for weaponizing a BeyondTrust zero-day RCE are also in charge of abusing another critical security issue in PostgreSQL. SOC Prime Platform for collective cyber defense helps organizations proactively detect vulnerability exploitation attempts using relevant context-enriched Sigma rules compatible with dozens of SIEM, […]
XE Group, likely a Vietnam-linked hacking collective that has been active in the cyber threat arena for over a decade is believed to be behind the exploitation of a couple of VeraCore zero-day vulnerabilities. During the latest campaign, adversaries weaponized VeraCore flaws tracked as CVE-2024-57968 and CVE-2025-25181 to deploy reverse shells and web shells, ensuring […]
Since a full-scale invasion of Ukraine, cybercriminal groups of russian origin have relentlessly targeted the Ukrainian state bodies and business sectors for espionage and destruction. Recently, cybersecurity researchers uncovered a massive cyber-espionage campaign exploiting a 7-Zip zero-day vulnerability to deliver SmokeLoader malware. The campaign’s ultimate objective was cyber espionage, intensifying the digital frontlines of the […]
Shortly after the critical zero-click OLE vulnerability in Microsoft Outlook (CVE-2025-21298), yet another dangerous security threat has come to light. A recently patched privilege escalation vulnerability affecting Active Directory Domain Services (CVE-2025-21293) has taken a dangerous turn. With a proof-of-concept (PoC) exploit now circulating publicly online, the risk of exploitation has significantly increased. This vulnerability […]
Defenders shed light on a set of vulnerabilities in Ivanti Cloud Service Appliances (CSA) that can be chained for further exploitation. The latest joint alert by CISA and FBI notifies the global defender community of at least two exploit chains using Invanti vulnerabilities tracked as CVE-2024-8963, CVE-2024-9379, CVE-2024-8190, and CVE-2024-9380. Adversaries can take advantage of exploit […]
Hard on the heels of the disclosure of a denial-of-service (DoS) vulnerability in Windows LDAP, known as CVE-2024-49113 aka LDAPNightmare, another highly critical vulnerability affecting Microsoft products comes to the scene. The recently patched Microsoft Outlook vulnerability tracked as CVE-2025-21298 poses significant email security risks by allowing attackers to perform RCE on Windows devices through […]
Hot on the heels of the release of the first PoC exploit for a critical RCE vulnerability in the Windows LDAP, known as CVE-2024-49112, another vulnerability in the same software protocol in Windows environments is causing a stir. A discovery of CVE-2024-49113, a new denial-of-service (DoS) vulnerability, also known as LDAPNightmare, is hitting the headlines […]
In mid-January 2025, a new Fortinet FortiOS authentication bypass vulnerability, CVE-2024-55591, emerged as a severe threat to thousands of organizations at risk of compromise. This critical zero-day flaw exposes FortiGate firewall devices to potential compromise, allowing remote attackers to gain super-admin privileges on the affected systems. Fortinet has confirmed that the vulnerability is actively being […]