Ivanti has released security updates to address two security flaws in Endpoint Manager Mobile (EPMM) software that have been chained in attacks to gain remote code execution. The vulnerabilities in question are listed below – An attacker that successfully exploits these flaws could chain them together to execute arbitrary code on a vulnerable device without authentication. The
Read More
SonicWall has released patches to address three security flaws affecting SMA 100 Secure Mobile Access (SMA) appliances that could be fashioned to result in remote code execution. The vulnerabilities are listed below – “An attacker with access to an SMA SSL-VPN user account can chain these vulnerabilities to make a sensitive system directory writable, elevate their privileges
Read More
Cisco has released software fixes to address a maximum-severity security flaw in its IOS XE Wireless Controller that could enable an unauthenticated, remote attacker to upload arbitrary files to a susceptible system. The vulnerability, tracked as CVE-2025-20188, has been rated 10.0 on the CVSS scoring system. “This vulnerability is due to the presence of a hard-coded
Read More
A cyber espionage group known as Earth Ammit has been linked to two related but distinct campaigns from 2023 to 2024 targeting various entities in Taiwan and South Korea, including military, satellite, heavy industry, media, technology, software services, and healthcare sectors. Cybersecurity firm Trend Micro said the first wave, codenamed VENOM, mainly targeted software service
Read More
Our mission is to educate our customer base, build capacity in every country we operate in and make cyber security affordable to all