CSIRT - National Cybersecurity Emergency Responce Team
Fortinet is aware of a threat actor creating a malicious file from previously exploited Fortinet RCE vulnerabilities within FortiOS and FortiGate products. This malicious file could enable read-only access to files on the devices’ file system, which may include configurations. Read more
Наскоро открита уязвимост в Apache Tomcat е активно експлоатирана след оповестяване на публичен експлойт. Уязвимостта CVE-2025-24813 засяга следните версии на Apache Tomcat: Apache Tomcat 11.0.0-M1 до 11.0.2 Apache Tomcat 10.1.0-M1 до 10.1.34 Apache Tomcat 9.0.0-M1 до 9.0.98 Уязвимостта включва Remote code execution или разкриване на информация, когато са налице определени условия: Writes е разрешено за … Read more
Adobe released security updates to address vulnerabilities in multiple Adobe software products including Adobe Photoshop, Animate, and Illustrator for iPad. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. Read more
Ivanti released security updates to address vulnerabilities in Ivanti Avalanche, Ivanti Application Control Engine, and Ivanti EPM.
Fortinet released security updates to address vulnerabilities in multiple Fortinet products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.
Microsoft released security updates to address vulnerabilities in multiple Microsoft products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.
Ivanti released security updates to address vulnerabilities (CVE-2025-0282, CVE-2025-0283) in Ivanti Connect Secure, Policy Secure, and ZTA Gateways. A cyber threat actor could exploit CVE-2025-0282 to take control of an affected system. Read more
Fortinet released a security update to address a vulnerability in FortiManager. A remote cyber threat actor could exploit this vulnerability to take control of an affected system.
Apple released security updates to address vulnerabilities in multiple Apple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.
Microsoft released security updates to address vulnerabilities in multiple Microsoft products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.