Category: alerts

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Patch Info Cisco–Cisco Secure Email Cisco is aware of a potential vulnerability.  Cisco is currently investigating and will update these details as appropriate as more information becomes available. 2025-12-17 10 CVE-2025-20393 cisco-sa-sma-attack-N9bf4  Hewlett Packard Enterprise (HPE)–HPE OneView A remote code execution issue exists in HPE OneView. Read more

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Patch Info Unknown–Typora Typora 1.7.4 contains a command injection vulnerability in the PDF export preferences that allows attackers to execute arbitrary system commands. Attackers can inject malicious commands into the ‘run command’ input field during PDF export to achieve remote code execution. 2025-12-12 9.8 Read more

Systems Affected   Systems running Microsoft Office XP and Outlook 2002   Overview   There is a vulnerability in Outlook 2002 that could allow attackers to take control of your computer.   Description   By taking advantage of the way Outlook interprets email links, an attacker may be able to gain control of your computer. Read more

Systems Affected   Systems running Microsoft Windows   Overview   Microsoft Windows contains multiple vulnerabilities, the most serious of which could allow attackers to take control of your computer.   Description   Microsoft’s updated Home User Security Bulletin for February 2004 describes more vulnerabilities in the Microsoft Windows operating system. Microsoft is tracking these issues Read more

Systems Affected   Check Point Firewall-1 NG FCS Check Point Firewall-1 NG FP1 Check Point Firewall-1 NG FP2 Check Point Firewall-1 NG FP3, HF2 Check Point Firewall-1 NG with Application Intelligence R54 Check Point Firewall-1 NG with Application Intelligence R55     Overview   Several versions of Check Point Firewall-1 contain a vulnerability that allows Read more

Systems Affected   Microsoft Windows systems running Internet Explorer 5.01 Internet Explorer 5.50 Internet Explorer 6 Previous versions that are no longer supported may also be affected.     Overview   Microsoft Internet Explorer (IE) contains multiple vulnerabilities, the most serious of which could allow attackers in any location to run programs of their choice Read more

Systems Affected   Any system running Microsoft Windows (Windows 95 and newer) that are used for reading email or accessing peer-to-peer file sharing services.   Overview   A new variant of the previously discovered MyDoom virus, MyDoom.B, has been identified. In addition to the common traits of email-borne viruses, this virus may prevent your computer Read more

Summary This report is a collaborative research effort by the cyber security authorities of five nations: Australia, Canada, New Zealand, the United Kingdom, and the United States.[1][2][3][4][5] In it we highlight the use of five publicly available tools, which have been used for malicious purposes in recent cyber incidents around the world. The five tools Read more

Summary The Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) and the Federal Bureau of Investigation (FBI) are issuing this activity alert to inform computer network defenders about SamSam ransomware, also known as MSIL/Samas.A. Specifically, this product shares analysis of vulnerabilities that cyber actors exploited to deploy this ransomware. In addition, Read more

Summary The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), is aware of a global Domain Name System (DNS) infrastructure hijacking campaign. Using compromised credentials, an attacker can modify the location to which an organization’s domain name resources resolve. This enables the attacker to redirect user traffic Read more