SmarterMail
CVE-2026-20045 Critical Cisco Unified Communications COMMAND INJECTION UNAUTHENTICATED Critical vulnerability affects multiple Cisco Unified Communications platforms and allows an unauthenticated remote attacker to execute arbitrary commands via crafted HTTP requests sent to the web-based management interface, enabling complete system compromise. Urgent Action: Immediately apply Cisco's security updates, restrict
CVE-2025-59718
TRENDING TOPICS JAN 22, 2026 Active Exploitation of FortiGate Firewalls via FortiCloud SSO Patch Bypass (CVE-2025-59718) Arctic Wolf has observed a new cluster of automated malicious activity targeting FortiGate firewalls, involving unauthorized FortiCloud SSO logins, followed by rapid configuration changes and data exfiltration. Attackers leveraged SSO authentication bypass behavior consistent
Maritime
CVE-2025-20393 Critical Cisco AsyncOS COMMAND INJECTION EXPLOITED IN WILD Cisco AsyncOS flaw allows remote attackers to execute arbitrary commands with root-level privileges due to improper input validation, granting full control over the underlying operating system. Exploitation has been observed in the wild and is limited to appliances where the Spam
Storm-0249
CVE-2025-62221 High Windows Cloud Files Mini Filter PRIVILEGE ESCALATION EXPLOITED IN WILD Windows Cloud Files Mini Filter Driver EoP allowing attackers to escalate from user context to SYSTEM. Actively used in real-world post-compromise chains. CVE-2025-62454 High Windows Cloud Files Mini Filter PRIVILEGE ESCALATION HIGH EXPLOIT LIKELIHOOD Cloud Files Mini Filter