Topic: threat actor activity

  • Inside the Qilin Ransomware Investigation

    Security analysts must creatively piece together limited digital evidence from various sources to reconstruct cyberattacks, as investigations are often complicated by incomplete visibility and delayed tool deployment. In a Qilin ransomware case, investigators used antivirus alerts and Windows log...

  • Urgent: WatchGuard Firewalls Targeted by Critical Attack (CVE-2025-14733)

    Over 115,000 WatchGuard Firebox firewalls are actively being targeted via a critical, unauthenticated remote code execution flaw (CVE-2025-14733) in the Fireware OS's IKED process. The U.S. CISA has mandated patching due to active exploitation, requiring an immediate upgrade to specific fixed Fir...

  • CISA Urges Immediate Patch for Exploited Citrix Bleed 2 Vulnerability

    Federal agencies and businesses using Citrix NetScaler systems must urgently patch CVE-2025-5777 after CISA confirmed active attacks, issuing a strict 24-hour deadline for remediation. The vulnerability affects NetScaler ADC and Gateway devices running outdated versions, allowing unauthor...

  • Gladinet patches critical zero-day flaw in file-sharing software

    Gladinet patches critical zero-day flaw in file-sharing software

    Gladinet has released a critical security update for CentreStack to address CVE-2025-11371, a zero-day vulnerability that allowed attackers to bypass protections and execute remote code on systems. The flaw, discovered by Huntress, involved inadequate input sanitization enabling directory travers...
