Threat Alert Center
Be the first to know about the latest vulnerabilities, attack campaigns, and highly impactful threat actor activity. Our threat advisories and bulletins provide detailed and easy to understand security guidance about current security issues, vulnerabilities, and exploits.
Critical Unauthenticated Remote Code Execution Vulnerabilities inIngress NGINX
Summary Wiz Research has uncovered multiple critical unauthenticated remote code execution (RCE) ...
Read More
Oracle Cloud SSO, LDAP Records Dumped, 140k+ Tenants Affected
On March 21, security threat intel vendor CloudSEK published a report on a forum post from a thre...
Read More
CVE-2025-24813: Apache Tomcat RCE/Info Disclosure Bug Exploited in the Wild
Summary On March 10, Apache disclosed CVE-2025-24813, a remote code execution and/or information ...
Read More
Pre-authentication SQL Injection to RCE in GLPI (CVE-2025-24799 / CVE-2025-24801)
Summary A significant vulnerability has been identified in GLPI, a popular open-source IT asset m...
Read More
Critical Kibana Vulnerability Enabling Remote Code Execution (CVE-2025-25012)
Summary A critical vulnerability, identified as CVE-2025-25015, has been disclosed in Kibana, whi...
Read More
Critical VMware ESXi, Workstation, Fusion Vulnerabilities Seen Exploited in Wild
Summary On March 4th, Microsoft’s Threat Intelligence Center (MSTIC) uncovered three critic...
Read More
Palo Alto PAN-OS Bug Severity Upgraded, Exploited in Wild
Summary Earlier this month we published an advisory about CVE-2025-0108, a vulnerability which al...
Read More
PAN-OS: Authentication Bypass in the Management Web Interface Disclosed andPatched
Summary A recently discovered vulnerability, CVE-2025-0108, in Palo Alto Networks PAN-OS, allows ...
Read More
Ivanti ICS, IPS, ISAC, CSA: Multiple Vulnerabilities Disclosed and Patched
Summary Ivanti has released security updates addressing nine vulnerabilities affecting Ivanti Con...
Read More
Critical Vulnerability in SonicWall Secure Mobile Access (SMA) 1000 Series Appliances
Summary A critical vulnerability (CVE-2025-23006) has been identified in SonicWall Secure Mobile ...
Read More
CVE-2024-55591: Critical Auth Bypass Affecting FortiOS and FortiProxy Seen in Wild
Summary On Jan. 14, FortiNet released an advisory regarding an authentication bypass in some vers...
Read More
Critical Vulnerabilities CVE-2025-0282 and CVE-2025-0283 in Ivanti Connect Secure VPN Appliances
Summary On January 8, 2025, Ivanti disclosed two critical vulnerabilities, and, impacting Ivanti ...
Read More
Time to patch: Multiple critical vulnerabilities under exploitation
Summary At Kudelski security, with the end of year approaching we have observed multiple vulnerab...
Read More
Critical Zero-Day Vulnerability in Palo Alto Networks Next-Generation Firewalls (PAN-SA-2024-0015)
Summary Palo Alto Networks has identified a critical zero-day vulnerability (PAN-SA-2024-0015) in...
Read More
FortiManager Critical CVE-2024-47575 “FortiJump” Allows RCE
Summary On October 23, 2024, Fortinet published an advisory for CVE-2024-47575, a critical-severi...
Read More