Security Intelligence

Fortinet products affected by SSO login authentication bypass

Fortinet patches two critical SSO authentication-bypass flaws that allow unauthorized admin access via crafted SAML...

Security Intelligence

December 2025 Patch Tuesday updates from Microsoft

Microsoft’s December Patch Tuesday patches 57 flaws—including an actively exploited Windows privilege-escalation bug....

Security Intelligence

Weekly Threat Round-Up: BRICKSTORM, React Server Components flaw & more

December 9, 2025 threat round-up shines a spotlight on the React Server Components RCE vulnerability, BRICKSTORM...

Security Intelligence

Maximum-severity XXE vulnerability in Apache Tika

Apache Tika hit by a critical XXE vulnerability enabling data leaks and possible RCE through crafted PDFs. Update to...

Security Intelligence

Active exploitation of Array Networks AG Gateway vulnerability

Active exploits target unpatched Array Networks AG gateways, enabling command injection and network compromise. Learn...

Security Intelligence

BRICKSTORM campaign uses MSP credentials to compromise virtual infrastructures

State-sponsored actors use BRICKSTORM malware to exploit MSP credentials and infiltrate VMware environments. Learn key...

Security Intelligence

React Server Components RCE: Impact on Next.js and ecosystem dependencies

Critical React and Next.js RSC flaw enables unauthenticated remote code execution. Learn impacts, affected versions,...

Security Intelligence

CISA Warns of Zenitel TCIV-3+ Maximum Severity Flaws

On November 25, 2025, CISA published an advisory detailing five vulnerabilities in Zenitel TCIV-3+ intercom versions...

Security Intelligence

Weekly Threat Round-Up: ASUS Router Flaws, Shai-Hulud 2.0, & Critical Grafana Bug

December 2, 2025 threat round-up shines a spotlight on critical router vulnerabilities, credential-theft campaigns, and...

Security Intelligence

Recent ASUS advisories address critical and exploited router flaws

ASUS has issued multiple critical security advisories affecting AiCloud-enabled routers, DSL router families, MyASUS,...

Security Intelligence

“Recent Links” feature used by online formatters exposes private data

Online code beautifiers’ “Recent Links” feature exposes sensitive credentials and private data, revealing major risks...

Security Intelligence

New Shai-Hulud variant uses preinstall script for credential theft

A new Shai-Hulud variant is abusing the npm registry with trojanized packages and malicious preinstall scripts enabling...