ALL POSTS

Key Findings The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a vulnerability in BeyondTrust Remote Support (RS) and older Privileged Remote Access (PRA) products to its Known Exploited Vulnerabilities (KEV) catalog. The flaw, tracked as CVE-2026-1731, has a CVSS score of 9.9 and could allow an unauthenticated attacker to execute remote commands without logging in. BeyondTrust released security updates on February 6, 2026, to address the critical vulnera

Key Findings CISA has issued a binding operational directive ordering federal civilian executive branch (FCEB) agencies to stop using "edge devices" like firewalls and routers that their manufacturers no longer support. The directive aims to tackle a persistent attack vector that has factored into major and common cyber exploits in recent years. Unsupported edge devices pose serious risks as they are vulnerable to newly discovered and unpatched flaws that can provide hackers

CISA Updates KEV Catalog with Four Actively Exploited Software Vulnerabilities Key Findings: CISA added four security vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerabilities affect Synacor Zimbra Collaboration Suite, Versa Concerto SD-WAN orchestration platform, Vite Vitejs, and eslint-config-prettier npm package. CISA has ordered Federal Civilian Executive Branch (FCEB) agencies to apply th

Key Findings: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a flaw impacting Gogs, a lightweight, open-source, self-hosted Git service, to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability, tracked as CVE-2025-8110, has a CVSS score of 8.7 and is a path traversal issue in the PutContents API that allows for local execution of code. The flaw is a bypass for a previously patched remote code execution (RCE) vulnerability, CVE-2024-

Key Findings The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the MongoDB vulnerability CVE-2025-14847, known as "MongoBleed," to its Known Exploited Vulnerabilities (KEV) Catalog. The vulnerability, with a CVSS score of 8.7, allows unauthenticated, remote attackers to execute arbitrary code on vulnerable MongoDB servers. Over 87,000 potentially vulnerable MongoDB instances have been identified worldwide, primarily located in the U.S., China, Germany

Key Findings The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw in Digiever DS-2105 Pro network video recorders (NVRs) to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability, tracked as CVE-2023-52163, has a CVSS score of 8.8 and allows post-authentication remote code execution through a case of command injection. CISA cited evidence of active exploitation of the flaw by threat actors to deliver botnets like Mirai and S

Key Findings The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: CVE-2025-14174: Google Chromium Out-of-Bounds Memory Access Vulnerability CVE-2018-4063: Sierra Wireless AirLink ALEOS Unrestricted Upload of File with Dangerous Type Vulnerability Background CVE-2025-14174 is an out-of-bounds memory access flaw in the ANGLE graphics library of Google Chrome on Mac, which can be expl

Key Findings The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting the widely used OSGeo GeoServer software to its Known Exploited Vulnerabilities (KEV) Catalog. The flaw, tracked as CVE-2025-58360, is an XML External Entity (XXE) vulnerability that attackers are actively exploiting to breach networks and steal sensitive data. The vulnerability lies within GeoServer's handling of XML input, allowing attackers to define e

Key Findings A critical security flaw (CVE-2025-13658, CVSS 9.8) has been discovered in the Longwatch video surveillance and monitoring system developed by Industrial Video & Control (IV&C). The vulnerability allows unauthenticated remote code execution with SYSTEM-level privileges, enabling complete takeover of the affected OT surveillance systems. The flaw resides in the way the Longwatch devices handle incoming web traffic, allowing arbitrary code execution through an expo

Key Findings U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two Android Framework vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: CVE-2025-48572: Android Framework Privilege Escalation Vulnerability CVE-2025-48633: Android Framework Information Disclosure Vulnerability Background The two high-severity vulnerabilities are reported to be "under limited, targeted exploitation" in the wild. Google's latest Android update for December 2025

Key Findings CISA has issued an alert warning of threat actors actively using commercial spyware and remote access trojans (RATs) to target users of mobile messaging apps like Signal and WhatsApp. The attackers employ sophisticated social engineering and targeting techniques to deliver spyware and gain unauthorized access to victims' messaging apps, enabling further device compromise. The targeting appears opportunistic but often focuses on high-value individuals such as gove

Background Gladinet CentreStack and Triofox are enterprise file-sharing and cloud storage solutions designed for businesses. CentreStack provides a secure platform for file sharing, syncing, and collaboration, integrating on-premises storage with cloud access. Triofox offers a hybrid cloud solution that enables secure remote access to existing Windows file shares and SMB/NFS storage. CVE-2025-11371 - Gladinet CentreStack and Triofox Files or Directories Accessible to External