Threats

CVE-2025-20059: Relative Path Traversal Vulnerability in Ping Identity PingAM Java Policy Agent

/
CVE-2025-20059 Exploitation

Hard on the heels of the recent disclosure of CVE-2025-0108 exploitation affecting Palo Alto Networks PAN-OS products, another critical vulnerability comes to light. Defenders identified a new critical relative path traversal vulnerability in Ping Identity PingAM Java Policy Agent, CVE-2025-20059, which gives attackers the green light to inject malicious parameters spreading the infection further. The […]

The post CVE-2025-20059: Relative Path Traversal Vulnerability in Ping Identity PingAM Java Policy Agent appeared first on SOC Prime.

News & Updates

AI-Powered Deception is a Menace to Our Societies

/
Wherever there’s been conflict in the world, propaganda has never been far away. Travel back in time to 515 BC and read the Behistun Inscription, an autobiography by Persian King Darius that discusses his rise to power. More recently, see how different newspapers report on wars, where it’s said, ‘The first casualty is the truth.’ 
While these forms of communication
News & Updates

U.S. CISA adds Craft CMS and Palo Alto Networks PAN-OS flaws to its Known Exploited Vulnerabilities catalog

/
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Craft CMS and Palo Alto Networks PAN-OS vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SonicWall SonicOS and Palo Alto PAN-OS vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The two vulnerabilities are: Craft is a flexible, user-friendly CMS, affected […]
Cybersecurity Tools

Top 9 Arctic Wolf alternatives and competitors

/

Managed security services like Arctic Wolf and its competitors help companies boost cybersecurity without the hassle of an in-house IT team. It’s a practical way to stay secure while focusing on your core business. Arctic Wolf is popular, but many other MDR providers offer excellent features and services. Here are nine top Arctic Wolf alternatives […]

The post Top 9 Arctic Wolf alternatives and competitors appeared first on Heimdal Security Blog.

News & Updates

Cisco Confirms Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks

/
Cisco has confirmed that a Chinese threat actor known as Salt Typhoon gained access by likely abusing a known security flaw tracked as CVE-2018-0171, and by obtaining legitimate victim login credentials as part of a targeted campaign aimed at major U.S. telecommunications companies.
“The threat actor then demonstrated their ability to persist in target environments across equipment from multiple
News & Updates

CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks

/
A high-severity security flaw impacting the Craft content management system (CMS) has been added by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The vulnerability in question is CVE-2025-23209 (CVSS score: 8.1), which impacts Craft CMS versions 4 and 5. It was addressed by the
News & Updates

Atlassian fixed critical flaws in Confluence and Crowd

/
Australian software firm Atlassian patched 12 critical and high-severity flaws in Bamboo, Bitbucket, Confluence, Crowd, and Jira. Software firm Atlassian released security patches to address 12 critical- and high-severity vulnerabilities in Bamboo, Bitbucket, Confluence, Crowd, and Jira products. The most severe vulnerabilities addressed by the company are: CVE-2024-50379 – (CVSS score of 9.8) – RCE […]
Scroll to Top