Threat Alert Center
Be the first to know about the latest vulnerabilities, attack campaigns, and highly impactful threat actor activity. Our threat advisories and bulletins provide detailed and easy to understand security guidance about current security issues, vulnerabilities, and exploits.
Time to patch: Multiple critical vulnerabilities under exploitation
Summary At Kudelski security, with the end of year approaching we have observed multiple vulnerab...
Read MoreCritical Zero-Day Vulnerability in Palo Alto Networks Next-Generation Firewalls (PAN-SA-2024-0015)
Summary Palo Alto Networks has identified a critical zero-day vulnerability (PAN-SA-2024-0015) in...
Read MoreFortiManager Critical CVE-2024-47575 “FortiJump” Allows RCE
Summary On October 23, 2024, Fortinet published an advisory for CVE-2024-47575, a critical-severi...
Read MoreKubernetes Image Builder Vulnerabilities
Summary Recently released were two vulnerabilities, CVE-2024-9486 (CVSS 9.8) and CVE-2024-9594 (C...
Read MoreSplunk Enterprise Multiple Vulnerabilities for RCE
Summary Splunk has disclosed several high-severity vulnerabilities in Splunk Enterprise and Splun...
Read MoreSecurity Advisory: CVE-2024-45519
Summary CVE-2024-45519 is a critical security vulnerability discovered in the postjournal service...
Read MoreCritical Security Updates for Palo Alto Networks: CVE-2024-5910 & CVE-2024-3596
Summary Palo Alto Networks has released critical security updates addressing several vulnerabilit...
Read MoreRemote Code Execution in OpenSSH’s Server (CVE-2024-6387) – regreSSHion
Updates made on July 3 Summary A critical vulnerability (CVE-2024-6387) named regreSSHion has bee...
Read MoreCritical Authentication Bypass in Juniper Session Smart Router CVE-2024-2973
Summary Juniper Networks has issued an out-of-cycle security bulletin to address a critical vulne...
Read MoreIvanti Connect Secure/Policy Secure CVE-2023-46805, CVE-2024-21887 Combine for Unauthenticated RCE, and following CVEs discovered over time
Written by the Kudelski Security Threat Detection & Research Team (updated on 2024.02.12 by ...
Read MoreCVE-2023-46604 Apache ActiveMQ RCE vulnerability
Written by Joshua Cartlidge of the Kudelski Security Threat Detection & Research Team Summar...
Read MoreF5 BIG-IP Unauthenticated RCE via HTTP Request Smuggling
Written by Scott Emerson of the Kudelski Security Threat Detection & Research Team Summary R...
Read MoreVMware vCenter Server Out-of-Bounds Write Vulnerability (CVE-2023-34048)
Written by Yann Lehmann with the support of Scott Emerson of the Kudelski Security Threat Detecti...
Read MoreImage I/O & WebP/libwebp Zero-Day Vulnerabilities
Google/Heap Buffer Overflow Vulnerability in WebP (CVE-2023-4863) Written by Michal Nowakowski of...
Read MoreCitrix ADC/Gateway Triple Threat
Written by Eric Dodge and Harish Segar of the Kudelski Security Threat Detection & Research ...
Read More