
3 ways orchestration and automation enhance vulnerability management

When it comes to vulnerability management, time is critical - the longer a vulnerability goes unaddressed, the greater the risk. Security teams need efficient, reliable processes that don’t drain resources. For most teams, relying on human effort alone isn’t sustainable or scalable. This is why so many teams turn to workflow orchestration and automation.

PoC Exploit Available for Critical Information Disclosure Vulnerabilities in Ivanti EPM

On February 19, 2025, Horizon3.ai published proof-of-concept (PoC) exploit code and technical details for critical Ivanti Endpoint Manager (EPM) vulnerabilities disclosed in January. The vulnerabilities, tracked as CVE-2024-10811, CVE-2024-13161, CVE-2024-13160, and CVE-2024-13159, allow a remote unauthenticated attacker to leak sensitive information via a path traversal. They share the same underlying issue, which results from an unauthenticated endpoint failing to validate input.

Security Bulletin: PAN-OS Authentication Bypass Vulnerability

CVE-2025-0108 is a high-severity authentication bypass vulnerability affecting Palo Alto’s PAN-OS, the operating system for their next-generation firewalls. This flaw allows an unauthenticated attacker with network access to the PAN-OS management web interface to bypass authentication controls and execute restricted PHP scripts.

Palo Alto Zero Day Vulnerability CVE-2025-0108 Exploited in the Wild

On February 18, CISA added the recently published Palo Alto Networks CVE-2025-0108 to the list of known exploited vulnerabilities. To date, according to GreyNoise, there are over 25 known distinct public sources attempting exploitation. Unmitigated, this vulnerability can lead to significantly weakened network defenses and open doors for data leakages, financial compromises, and ransomware down the road.

Latest GitLab Vulnerabilities: A Gateway for FOG Ransomware Attacks?

The cyber threat landscape is not static: new ransomware gangs keep exploiting vulnerabilities and devastating businesses all over the world. One such infamous gang, Fog Ransomware, is currently dumping sensitive data from several businesses, with recent attacks involving GitLab. Foresiet security researchers believe that Fog recently exploited a GitLab CVE, or perhaps used a new or unpatched zero-day vulnerability in GitLab, to launch its attacks.