Following the disclosure of CVE-2025-4427 and CVE-2025-4428, two Ivanti EPMM vulnerabilities that can be chained for RCE, another critical security issue has emerged, posing a severe threat to organizations that rely on Active Directory (AD). A recently uncovered privilege escalation vulnerability in Windows Server 2025 gives attackers the green light to gain control over any […]
In today’s fast-evolving ransomware landscape, threat actors are accelerating their tactics to gain access and deploy payloads with alarming speed. Increasingly, attackers are leveraging known vulnerabilities as entry points, as seen in a recent attack where adversaries exploited CVE-2023-22527, a maximum-severity template injection flaw in Atlassian Confluence, to compromise an internet-exposed system. Just 62 hours […]
Following the disclosure of CVE-2025-31324, an unauthenticated file upload vulnerability in SAP NetWeaver enabling RCE, two more security flaws have surfaced in Ivanti Endpoint Manager Mobile (EPMM) software. Identified as CVE-2025-4427 and CVE-2025-4428, these vulnerabilities can be chained together to achieve RCE on vulnerable devices without requiring authentication. Detect CVE-2025-4427 and CVE-2025-4428 Exploit Chain With […]
Zero-day vulnerabilities are no longer rare anomalies—they’re now a core weapon in the modern attacker’s arsenal, with exploitation activity escalating year over year. According to Google’s Threat Intelligence Group (GTIG), in 2024 alone, 75 zero-day vulnerabilities were exploited in the wild—a stark indicator of the growing threat to business-critical systems. One of the latest critical […]
Following the disclosure of the Command Center CVE-2025-34028 vulnerability, researchers are now warning about another critical threat: a max-severity flaw in Craft CMS, tracked as CVE-2025-32432. Attackers are chaining it with a critical input validation bug in the Yii framework (CVE-2025-58136) to power zero-day attacks, leading to server breaches and data theft. By mid-April, around […]
Following the CVE-2025-30406 disclosure, an RCE flaw in the widely used Gladinet CentreStack and Triofox platforms, another highly critical vulnerability that could also allow remote execution of arbitrary code without authentication, is coming to the scene. The flaw, tracked as CVE-2025-34028, has been recently uncovered in the Command Center installation, which could lead to a […]
A critical vulnerability in the widely used Gladinet CentreStack and Triofox enterprise file sharing and remote access platforms has surfaced — and it’s already under active exploitation. At least seven organizations have reportedly been compromised through this flaw, tracked as CVE-2025-30406. The root cause? A hard-coded cryptographic key that leaves internet-facing servers dangerously exposed to […]
Hot on the heels of the CVE-2025-1449 disclosure, a vulnerability in Rockwell Automation software, another critical security issue affecting widely used software products is now drawing the attention of the defenders. CVE-2025-29824 is a zero-day vulnerability in the Windows Common Log File System (CLFS) that gives threat actors the green light to escalate privileges to […]
Hard on the heels of the disclosure of CVE-2025-24813, a RCE flaw in Apache Tomcat actively leveraged in the wild shortly after the release of its PoC, another vulnerability identified as CVE-2025-1449 that can be exploited remotely comes into the spotlight. Once weaponized, CVE-2025-1449 gives admin-level threat actors the green light to run arbitrary commands. […]
Heads-up for Kubernetes admins! A batch of five critical vulnerabilities called “IngressNightmare” (CVE-2025-24513, CVE-2025-24514, CVE-2025-1097, CVE-2025-1098, and CVE-2025-1974) affecting Ingress NGINX have been recently patched, posing a serious risk to the clusters. With over 40% of Kubernetes environments relying on Ingress NGINX, swift action is crucial to safeguard your systems and data against RCE attacks. […]