H-ISAC: White Reports
On October 4, 2025, Oracle released an advisory to address a critical vulnerability, CVE-2025-61882, affecting E-Business Suite (EBS) systems, versions 12.2.3 through 12.2.14.
Health-ISAC, in cooperation with intelligence partners, received information concerning the recently released LockBit 5.0 ransomware variant.
On September 29, 2025, Broadcom issued an advisory for a local privilege escalation flaw tracked as CVE-2025-41244, affecting VMware Tools and VMware Aria Operations guest service discovery features.
Libraesva patched a command injection vulnerability CVE-2025-59689 in Libraesva's Email Security Gateway (ESG) solution.
On September 17, 2025, WatchGuard released a security advisory regarding a critical vulnerability, tracked as CVE-2025-9242.
SonicWall has disclosed a security incident in which threat actors gained unauthorized access to backup firewall preference files stored in its cloud service,
On September 11, 2025, Okta discovered a sophisticated Phishing-as-a-Service framework named VoidProxy. Due to its evasive capabilities and modular design, it has emerged as a significant threat.
The following information is being provided by the FBI, with no guarantees or warranties, for potential use at the sole discretion of recipients to protect against cyber threats. This data is provided in order to help cyber security professionals and system administrators to guard against the…
Exploitation of the SAP S/4HANA flaw, tracked as CVE-2025-42957, has been disclosed.
FS-ISAC has released several white papers discussing AI best practices.