Search Results

The default setting for search results displays All Content. If you prefer to see recent content only, please adjust the date filter.

Filter your results:

Types

Topics

918 Results Found

Public

H-ISAC TLP White: Hacking Healthcare - October 10, 2025

This week, Health-ISAC®'s Hacking Healthcare® examines the recent cyber incident at famed British car manufacturer Jaguar Land Rover.
Public

H-ISAC TLP White Vulnerability Bulletin: Oracle E-Business Suite Vulnerability (CVE-2025-61882) Exploited in Extortion Attacks

On October 4, 2025, Oracle released an advisory to address a critical vulnerability, CVE-2025-61882, affecting E-Business Suite (EBS) systems, versions 12.2.3 through 12.2.14.
Public

H-ISAC TLP White Threat Bulletin New LockBit Ransomware Emerges as Most Dangerous Yet

Health-ISAC, in cooperation with intelligence partners, received information concerning the recently released LockBit 5.0 ransomware variant.
Public

H-ISAC TLP White Threat Bulletin: Exploitation Confirmed for VMware Flaw CVE-2025-41244

On September 29, 2025, Broadcom issued an advisory for a local privilege escalation flaw tracked as CVE-2025-41244, affecting VMware Tools and VMware Aria Operations guest service discovery features.
Member

H-ISAC TLP White Threat Bulletin: Libraesva ESG Flaw Exploited by Nation-State Threat Actor (CVE-2025-59689

Libraesva patched a command injection vulnerability CVE-2025-59689 in Libraesva's Email Security Gateway (ESG) solution.
Public

H-ISAC TLP White Vulnerability Bulletins TLP White Critical Vulnerability in WatchGuard Firebox Firewalls (CVE-2025-9242)

On September 17, 2025, WatchGuard released a security advisory regarding a critical vulnerability, tracked as CVE-2025-9242.
Public

H-ISAC TLP White Threat Bulletin SonicWall MySonicWall Cloud Backup Incident

SonicWall has disclosed a security incident in which threat actors gained unauthorized access to backup firewall preference files stored in its cloud service,
Public

H-ISAC TLP White Threat Bulletin VoidProxy: A New and Evasive Phishing-as-a-Service Framework

On September 11, 2025, Okta discovered a sophisticated Phishing-as-a-Service framework named VoidProxy. Due to its evasive capabilities and modular design, it has emerged as a significant threat.
Public

FBI Flash TLP Clear: Cyber Criminal Groups UNC6040 and UNC6395 Compromising Salesforce Instances

 
Public

H-ISAC TLP White Threat Bulletin: Critical SAP S/4HANA Vulnerability Actively Exploited (CVE-2025-42957) Sept. 9, 2025

Exploitation of the SAP S/4HANA flaw, tracked as CVE-2025-42957, has been disclosed.