Threat Alert Center
Be the first to know about the latest vulnerabilities, attack campaigns, and highly impactful threat actor activity. Our threat advisories and bulletins provide detailed and easy to understand security guidance about current security issues, vulnerabilities, and exploits.
![](/wp-content/uploads/chevron-right-1-1.png)
![](https://research.kudelskisecurity.com/wp-content/uploads/2024/07/istock-532283221.jpg)
Remote Code Execution in OpenSSH’s Server (CVE-2024-6387) – regreSSHion
Updates made on July 3 Summary A critical vulnerability (CVE-2024-6387) named regreSSHion has bee...
Read More![](https://research.kudelskisecurity.com/wp-content/uploads/2024/07/istock-1350668583.jpg)
Critical Authentication Bypass in Juniper Session Smart Router CVE-2024-2973
Summary Juniper Networks has issued an out-of-cycle security bulletin to address a critical vulne...
Read More![](https://research.kudelskisecurity.com/wp-content/uploads/2023/01/istock-961628368.jpeg)
Ivanti Connect Secure/Policy Secure CVE-2023-46805, CVE-2024-21887 Combine for Unauthenticated RCE, and following CVEs discovered over time
Written by the Kudelski Security Threat Detection & Research Team (updated on 2024.02.12 by ...
Read More![](https://research.kudelskisecurity.com/wp-content/uploads/2021/04/istock-1212064060.jpg)
CVE-2023-46604 Apache ActiveMQ RCE vulnerability
Written by Joshua Cartlidge of the Kudelski Security Threat Detection & Research Team Summar...
Read More![](https://research.kudelskisecurity.com/wp-content/uploads/2023/10/a010-markusspiske-mar19-1902-5037.jpg)
F5 BIG-IP Unauthenticated RCE via HTTP Request Smuggling
Written by Scott Emerson of the Kudelski Security Threat Detection & Research Team Summary R...
Read More![](https://research.kudelskisecurity.com/wp-content/uploads/2020/07/pexels-photo-207580.jpeg)
VMware vCenter Server Out-of-Bounds Write Vulnerability (CVE-2023-34048)
Written by Yann Lehmann with the support of Scott Emerson of the Kudelski Security Threat Detecti...
Read More![](https://research.kudelskisecurity.com/wp-content/uploads/2023/03/pexels-photo-1933900-1.jpeg)
Image I/O & WebP/libwebp Zero-Day Vulnerabilities
Google/Heap Buffer Overflow Vulnerability in WebP (CVE-2023-4863) Written by Michal Nowakowski of...
Read More![](https://research.kudelskisecurity.com/wp-content/uploads/2023/07/security-protection-anti-virus-software-60504.jpeg)
Citrix ADC/Gateway Triple Threat
Written by Eric Dodge and Harish Segar of the Kudelski Security Threat Detection & Research ...
Read More![](https://research.kudelskisecurity.com/wp-content/uploads/2020/06/istock-817486068.jpg)
CVE-2023-36884 – Office and Windows HTML Remote Code Execution Vulnerability
Written by Yann Lehmann and Harish Segar of the Kudelski Security Threat Detection & Researc...
Read More![](https://research.kudelskisecurity.com/wp-content/uploads/2023/06/picture12_fig-7.png)
CVE-2023-33308 – Critical Remote Code Execution (RCE) on FortiOS/FortiProxy
Written by Eric Dodge and Harish Segar of the Kudelski Security Threat Detection & Research ...
Read More![](https://research.kudelskisecurity.com/wp-content/uploads/2023/06/a010-markusspiske-jan19-msp_1804_2874.jpg)
CVE-2023-27997 – Pre-Authentication RCE on FortiGate SSL-VPN
Written by Harish Segar and Scott Emerson of the Kudelski Security Threat Detection & Resear...
Read More![](https://research.kudelskisecurity.com/wp-content/uploads/2023/01/istock-961628368.jpeg)
3CX Supply Chain Attack ‘SmoothOperator’
Written by Anton Jörgensson, Eric Dodge & Yann Lehmann of the Kudelski Security Threat Detec...
Read More![](https://research.kudelskisecurity.com/wp-content/uploads/2022/04/istock-1094130530.jpg)
CVE-2023-23397 – Microsoft Outlook Privilege Elevation Critical Vulnerability
Written by Lina Jiménez Becerra, Anton Jörgensson and Mark Stueck of the Kudelski Security Threat...
Read More![](https://research.kudelskisecurity.com/wp-content/uploads/2022/07/quantum-nist.jpeg)
CVE-2023-27532 – Veeam Backup & Replication Vulnerability Exposes Stored Credentials, No Auth Necessary
Written by Mark Stueck and Scott Emerson of the Kudelski Security Threat Detection & Re...
Read More![](https://research.kudelskisecurity.com/wp-content/uploads/2022/11/marcos-blog.jpeg)
Ransomware as a Service – Nevada Ransomware campaign targeting VMWare ESXi servers
Written by Michal Nowakowski of the Kudelski Security Threat Detection & Research Team UPDAT...
Read More