CISA has confirmed the active exploitation of a critical OS Command Injection vulnerability (CVE-2026-25108) in FileZen by Soliton Systems K.K., adding it to the Known Exploited Vulnerabilities (KEV) Catalog. Organizations using FileZen are urged to apply security updates immediately to prevent unauthorized access and system compromise.
https://cybersecuritynews.com/cisa-confirms-active-exploitation-of-filezen-vulnerability/

Security Advisory Summary:
SolarWinds Serv-U 15.5.4 patches four critical vulnerabilities:
• CVE-2025-40538 – Broken access control → system admin creation + root RCE
• Two type confusion flaws → root code execution
• One IDOR vulnerability → elevated execution

Attack prerequisites:
High-privileged access required. Exploitation likely via credential compromise or chained privilege escalation.

Exposure landscape:
12K+ internet-facing instances observed (Shodan)
File transfer platforms remain ransomware-favored entry vectors

Historical context:
Prior Serv-U CVEs exploited by ransomware groups and state-aligned actors.

Immediate actions:
- Patch to 15.5.4
- Audit privileged accounts
- Review FTP/SFTP exposure
- Monitor for anomalous admin creation

Source: https://www.bleepingcomputer.com/news/security/critical-solarwinds-serv-u-flaws-offer-root-access-to-servers/

Follow us for tactical advisories and vulnerability intelligence.

Comment with your detection or hardening recommendations.

#Infosec #SolarWinds #ThreatIntel #CVE2025 #RCE #PrivilegeEscalation #BlueTeam #SecurityEngineering #AttackSurface #ZeroTrust

PSA for Statamic folks - update your sites ASAP! ⚠️

A CRITICAL vuln was discovered that allows full account takeover via password resets! 😱

All the details: https://cvereports.com/reports/CVE-2026-27593 #Laravel

🚨 Statamic CMS CRITICAL vuln (CVE-2026-27593): Weak password reset lets attackers hijack accounts if users click a malicious link. Patch to 6.3.3/5.73.10+, educate users, enable MFA. Details: https://radar.offseq.com/threat/cve-2026-27593-cwe-640-weak-password-recovery-mech-d0c0ac0e #OffSeq #Statamic #CVE202627593 #infosec

Because the hits just keep on rolling, #Apple Pushes Emergency #iPhone #Update After ‘Extremely Sophisticated’ Spyware Attack.

So, this zero day is being exploited even as we speak. If you own Apple devices, go update now.

The flaw, tracked as CVE-2026-20700, is a memory corruption vulnerability in the system’s core components that could allow attackers to execute arbitrary code, potentially leading to device takeover, spyware installation, or data theft.

Why this matters:
The vulnerability is already being used in real-world, targeted attacks.
Attackers may exploit it via malicious websites or image files without user interaction.

How to update:
Go to Settings > General > Software Update.
Tap Download and Install.
Ensure your device is plugged in and connected to Wi-Fi.

Enable Automatic Updates to avoid missing future patches.

It's a blog post I should have published months ago, but here we finally are.

"CVE-2025-59201 - Network Connection Status Indicator (NCSI) EoP"

Credit goes to t0zhang (on X) for the discovery.

👉 https://itm4n.github.io/cve-2025-59201-ncsi-eop/

I'd like to write more of those but it's so time-consuming. 😔

#cve #windows

Experimental features can introduce unexpected security issues. Take these 2 bugs in Mastodon for example.

CVE-2026-27477: https://github.com/mastodon/mastodon/security/advisories/GHSA-46w6-g98f-wxqm
CVE-2026-27468: https://github.com/mastodon/mastodon/security/advisories/GHSA-qgmm-vr4c-ggjg

Experimental features can introduce unexpected security issues. Take these 2 bugs in Mastodon for example.

CVE-2026-27477: https://github.com/mastodon/mastodon/security/advisories/GHSA-46w6-g98f-wxqm
CVE-2026-27468: https://github.com/mastodon/mastodon/security/advisories/GHSA-qgmm-vr4c-ggjg

Akamai links recent MSHTML zero-day patched this month to APT28 operations

https://www.akamai.com/blog/security-research/2026/feb/inside-the-fix-cve-2026-21513-mshtml-exploit-analysis