
CVE-2025-25257: Critical Unauthenticated SQL Injection Vulnerability in FortiWeb
On July 8, 2025, Fortinet released fixes for a critical vulnerability in FortiWeb that could allow an unauthenticated threat actor to execute SQL commands via
Delivering security operations outcomes.
Delivering AI outcomes you can trust.
Leverage the power of scale and AI expertise.
Ecosystem integrations and technology partnerships.
Partner with the world’s largest commercial agentic SOC.
Tailored security expertise and guided risk mitigation.
Security experts proactively protecting you 24×7.
Learn how our IR team stops attacks and swiftly restores your organization to pre-incident operations.
Build a resilient business by embracing Security Operations.
Map your security posture against industry standard frameworks.
Continuously discover, prioritize, and reduce exposure across your attack surface.
Receive end-to-end IR coverage for one incident, no matter the incident type.
Engage and prepare employees to recognize and neutralize social engineering attacks.
Curated by the world’s largest commercial SOC based on real-world attacks, emerging threats, and observed adversary behavior.
AI-driven prevention, detection, and response to stop endpoint threats before they disrupt your business.
Quickly detect, respond, and recover from advanced threats.
Recover quickly from cyber attacks and breaches, from threat containment to business restoration.
Stay covered at no cost with up to $3M in financial assistance for cybersecurity incidents.
Increase the likelihood of insurability, and potentially lower your rates.
Access a complimentary suite of tools to reduce risk and improve insurability.
|
2025 Arctic Wolf Threat Report
The Arctic Wolf Threat Report draws upon the first-hand experience of our security experts, augmented by research from our threat intelligence team.
The Arctic Wolf State of Cybersecurity: 2025 Trends Report
The Arctic Wolf State of Cybersecurity: 2025 Trends Report serves as an opportunity for decision makers to share their experiences over the past 12 months and their perspectives on some of the most important issues shaping the IT and security landscape.
Aurora: A New Dawn For Cybersecurity
Join Arctic Wolf on an interactive journey to discover a better path past the hazards of the modern threat landscape. |
Helping Solution Providers scale their business with a comprehensive portfolio of products and services.
Arctic Wolf provides the Insurance Partner Program for Brokers and Carriers to support them within the Cyber JumpStart portal.
Ecosystem integrations and technology partnerships.
Grow your business and solve your customers’ cybersecurity challenges with industry-leading turnkey security operations.
Arctic Wolf OEM Solutions enable ISVs, MSSPs, U.S. Federal Agencies, and security companies.

On July 8, 2025, Fortinet released fixes for a critical vulnerability in FortiWeb that could allow an unauthenticated threat actor to execute SQL commands via

On July 8, 2025, Microsoft released its July 2025 security update, addressing 130 newly disclosed vulnerabilities. Arctic Wolf is highlighting five vulnerabilities in this bulletin

Since early June 2025, Arctic Wolf has observed a search engine optimization (SEO) poisoning and malvertising campaign promoting malicious websites hosting Trojanized versions of legitimate

Arctic Wolf has recently observed a campaign targeting the legal industry using a combination of brute force and spear phishing techniques. Threat actors initially attempted

On June 25, 2025, Cisco released patches for two maximum-severity vulnerabilities in Cisco Identity Services Engine (ISE) and ISE-Passive Identity Connector (ISE-PIC). Both flaws allow

On June 23, 2025, Citrix updated the scope of a previously disclosed vulnerability—CVE-2025-5777—to clarify that it affects NetScaler devices configured as a Gateway (VPN virtual

On June 21st, the United States launched coordinated strikes against three Iranian nuclear facilities, marking its first direct military involvement in the ongoing Iran-Israel conflict.

Arctic Wolf has identified a social engineering campaign targeting health care providers in the United States. Throughout multiple incidents, hospital help desks have received suspicious

On June 17, 2025, watchTowr disclosed technical details for a pre-authenticated remote code execution (RCE) exploit chain in Sitecore Experience Platform (XP), an enterprise content

On June 10, 2025, Trend Micro released fixes for six critical vulnerabilities affecting Apex Central and Endpoint Encryption PolicyServer. Five of the vulnerabilities allow remote

Arctic Wolf has recently observed customers receiving unsolicited Microsoft multi-factor authentication (MFA) text messages. These messages originate from legitimate Microsoft short code numbers; however, the

On June 10, 2025, Microsoft released its June 2025 security update, addressing 66 newly disclosed vulnerabilities. Arctic Wolf has highlighted five of these vulnerabilities in

On June 4, 2025, Cisco released fixes for multiple vulnerabilities, several of which were noted to have publicly available proof-of-concept (PoC) exploit code. The most

On June 2, 2025, Hewlett Packard Enterprise (HPE) released fixes for multiple vulnerabilities affecting HPE StoreOnce VSA, an enterprise backup storage solution. The most severe

On May 28, 2025, ConnectWise published an advisory disclosing suspicious activity within its environment, attributed to a sophisticated nation-state threat actor known for intelligence collection.

On May 21, 2025, ProjectDiscovery published technical details for multiple vulnerabilities they discovered in Versa Concerto, including authentication bypasses, remote code execution (RCE), and container

Arctic Wolf has recently observed the distribution of a trojanized RVTools installer via a malicious typosquatted domain. The domain matches the legitimate domain, however, the

Update – Fixes are now available for the high-severity path traversal zero-day vulnerability, now tracked as CVE-2025-4632, in Samsung MagicINFO 9 Server. Arctic Wolf had

On May 13, 2025, SAP released a security advisory for CVE-2025-42999, a deserialization of untrusted data vulnerability in the NetWeaver Visual Composer component. This follows

On May 13, 2025, Ivanti released patches addressing multiple vulnerabilities across its products. The most severe issues include an unauthenticated remote code execution exploit chain

On May 13, 2025, Microsoft released its May 2025 security update, addressing 78 newly disclosed vulnerabilities. Arctic Wolf has highlighted six of these vulnerabilities in

On May 13, 2025, Fortinet published a security advisory on a critical severity stack-based overflow vulnerability, CVE-2025-32756, impacting FortiVoice, FortiCamera, FortiMail, FortiNDR, and FortiRecorder. The

Update – Since our last security bulletin, Commvault has clarified that being on versions 11.38.20 or 11.38.25 alone is not sufficient—particular updates within those versions

On 7 May 2025, watchTowr publicly disclosed technical details and a proof-of-concept (PoC) exploit for a pre-authenticated Remote Code Execution (RCE) chain affecting SysAid On-Premises,

Update – Recent reports confirm that the previously recommended fixed version (21.1050) of Samsung MagicINFO 9 Server remains vulnerable to a vulnerability being exploited in the wild.

On May 7, 2025, watchTowr publicly disclosed technical details and a proof-of-concept (PoC) exploit for a pre-authenticated Remote Code Execution (RCE) chain affecting SysAid On-Premises,

May 2 Updates: On May 1, 2025, CISA updated the Known Exploited Vulnerability (KEV) catalog with both vulnerabilities. On May 2, 2025, watchTowr Labs released

On April 24, 2025, SAP released fixes for CVE-2025-31324, a maximum-severity zero-day unrestricted file upload vulnerability in the NetWeaver Visual Composer component. Visual Composer is

We have published a new security bulletin detailing the newly clarified fixed versions of Commvault Command Center. On April 24, 2025, watchTowr published technical details

On April 16, 2025, fixes were released for a maximum severity vulnerability in Erlang/OTP SSH, CVE-2025-32433. Erlang/OTP SSH is a library within the Erlang/OTP platform,
GLOBAL HEADQUARTERS
© 2026 Arctic Wolf Networks Inc. All Rights Reserved. |
||||||
Privacy Notice |
Terms of Use |
Cookie Policy |
Accessibility Statement |
Information Security |
Sustainability Statement |
Cookies Settings |