Skip to content
Security News, Assessments & Alerts Page 15

Security News, Assessments & Alerts

Security Issues, Vulnerabilities, Exploits & Government Alerts

Fortinet, Ivanti, and SAP Issue Urgent Patches for Authentication and Code Execution Flaws

Fortinet, Ivanti, and SAP Issue Urgent Patches for Authentication and Code Execution Flaws

Dec 10, 2025Ravie LakshmananVulnerability / Endpoint Security Fortinet, Ivanti, and SAP have moved to address critical security flaws in their products that, if successfully exploited, could result in an authentication bypass and code execution. The… 

Read More »Fortinet, Ivanti, and SAP Issue Urgent Patches for Authentication and Code Execution Flaws
North Korea-linked Actors Exploit React2Shell to Deploy New EtherRAT Malware

North Korea-linked Actors Exploit React2Shell to Deploy New EtherRAT Malware

Threat actors with ties to North Korea have likely become the latest to exploit the recently disclosed critical security React2Shell flaw in React Server Components (RSC) to deliver a previously undocumented remote access trojan dubbed… 

Read More »North Korea-linked Actors Exploit React2Shell to Deploy New EtherRAT Malware
Four Threat Clusters Using CastleLoader as GrayBravo Expands Its Malware Service Infrastructure

Four Threat Clusters Using CastleLoader as GrayBravo Expands Its Malware Service Infrastructure

Dec 09, 2025Ravie LakshmananCybersecurity / Malware Four distinct threat activity clusters have been observed leveraging a malware loader known as CastleLoader, strengthening the previous assessment that the tool is offered to other threat actors under… 

Read More »Four Threat Clusters Using CastleLoader as GrayBravo Expands Its Malware Service Infrastructure
Storm-0249 Escalates Ransomware Attacks with ClickFix, Fileless PowerShell, and DLL Sideloading

Storm-0249 Escalates Ransomware Attacks with ClickFix, Fileless PowerShell, and DLL Sideloading

Dec 09, 2025Ravie LakshmananRansomware / Endpoint Security The threat actor known as Storm-0249 is likely shifting from its role as an initial access broker to adopt a combination of more advanced tactics like domain spoofing,… 

Read More »Storm-0249 Escalates Ransomware Attacks with ClickFix, Fileless PowerShell, and DLL Sideloading
CISA, FBI, and U.S. and Global Partners Urge Immediate Action to Defend Critical Infrastructure from Pro-Russia Hacktivist Threats

CISA, FBI, and U.S. and Global Partners Urge Immediate Action to Defend Critical Infrastructure from Pro-Russia Hacktivist Threats

WASHINGTON – Today, the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), National Security Agency (NSA), Department of Energy (DOE), Environmental Protection Agency (EPA), Department of Defense’s Cyber Crime Center (DC3), and… 

Read More »CISA, FBI, and U.S. and Global Partners Urge Immediate Action to Defend Critical Infrastructure from Pro-Russia Hacktivist Threats