Threat Alert Center
Be the first to know about the latest vulnerabilities, attack campaigns, and highly impactful threat actor activity. Our threat advisories and bulletins provide detailed and easy to understand security guidance about current security issues, vulnerabilities, and exploits.
Critical Zero-Day Vulnerability in Palo Alto Networks Next-Generation Firewalls (PAN-SA-2024-0015)
Summary Palo Alto Networks has identified a critical zero-day vulnerability (PAN-SA-2024-0015) in...
Read More
FortiManager Critical CVE-2024-47575 “FortiJump” Allows RCE
Summary On October 23, 2024, Fortinet published an advisory for CVE-2024-47575, a critical-severi...
Read More
Kubernetes Image Builder Vulnerabilities
Summary Recently released were two vulnerabilities, CVE-2024-9486 (CVSS 9.8) and CVE-2024-9594 (C...
Read More
Splunk Enterprise Multiple Vulnerabilities for RCE
Summary Splunk has disclosed several high-severity vulnerabilities in Splunk Enterprise and Splun...
Read More
Security Advisory: CVE-2024-45519
Summary CVE-2024-45519 is a critical security vulnerability discovered in the postjournal service...
Read More
Critical Security Updates for Palo Alto Networks: CVE-2024-5910 & CVE-2024-3596
Summary Palo Alto Networks has released critical security updates addressing several vulnerabilit...
Read More
Remote Code Execution in OpenSSH’s Server (CVE-2024-6387) – regreSSHion
Updates made on July 3 Summary A critical vulnerability (CVE-2024-6387) named regreSSHion has bee...
Read More
Critical Authentication Bypass in Juniper Session Smart Router CVE-2024-2973
Summary Juniper Networks has issued an out-of-cycle security bulletin to address a critical vulne...
Read More
Ivanti Connect Secure/Policy Secure CVE-2023-46805, CVE-2024-21887 Combine for Unauthenticated RCE, and following CVEs discovered over time
Written by the Kudelski Security Threat Detection & Research Team (updated on 2024.02.12 by ...
Read More
CVE-2023-46604 Apache ActiveMQ RCE vulnerability
Written by Joshua Cartlidge of the Kudelski Security Threat Detection & Research Team Summar...
Read More
F5 BIG-IP Unauthenticated RCE via HTTP Request Smuggling
Written by Scott Emerson of the Kudelski Security Threat Detection & Research Team Summary R...
Read More
VMware vCenter Server Out-of-Bounds Write Vulnerability (CVE-2023-34048)
Written by Yann Lehmann with the support of Scott Emerson of the Kudelski Security Threat Detecti...
Read More
Image I/O & WebP/libwebp Zero-Day Vulnerabilities
Google/Heap Buffer Overflow Vulnerability in WebP (CVE-2023-4863) Written by Michal Nowakowski of...
Read More
Citrix ADC/Gateway Triple Threat
Written by Eric Dodge and Harish Segar of the Kudelski Security Threat Detection & Research ...
Read More
CVE-2023-36884 – Office and Windows HTML Remote Code Execution Vulnerability
Written by Yann Lehmann and Harish Segar of the Kudelski Security Threat Detection & Researc...
Read More