Monthly Archive

CVE-2026-1281 and CVE-2026-1340: Unauthenticated RCE Zero-Day Vulnerabilities in Ivanti Endpoint Manager Mobile

Jan 30, 2026 By Andres Ramos In Arctic Wolf

On January 29, 2026, Ivanti released fixes for two critical zero-day code injection vulnerabilities affecting Ivanti Endpoint Manager Mobile (EPMM). The vulnerabilities, tracked as CVE-2026-1281 and CVE-2026-1340, impact the In-House Application Distribution and Android File Transfer Configuration features and allow unauthenticated remote threat actors to achieve remote code execution.

Read Post

Arctic Wolf

Read more about CVE-2026-1281 and CVE-2026-1340: Unauthenticated RCE Zero-Day Vulnerabilities in Ivanti Endpoint Manager Mobile

Multiple Critical Authentication Bypass and Remote Code Execution Vulnerabilities Fixed in SolarWinds Web Help Desk

Jan 28, 2026 By Andres Ramos In Arctic Wolf

On January 28, 2026, SolarWinds released fixes for multiple vulnerabilities impacting Web Help Desk (WHD). WHD is an IT service management platform that may contain sensitive information, making it a valuable target for threat actors if compromised. Among the vulnerabilities addressed, four were rated as critical: At the time of writing, Arctic Wolf has not observed exploitation of these vulnerabilities in the wild, nor identified a publicly available proof-of-concept exploit.

Read Post

Arctic Wolf

Read more about Multiple Critical Authentication Bypass and Remote Code Execution Vulnerabilities Fixed in SolarWinds Web Help Desk

CVE-2026-24858: FortiCloud SSO Authentication Bypass Vulnerability Exploited

Jan 28, 2026 By Julian Tuin In Arctic Wolf

On January 27, 2026, Fortinet released an advisory detailing a critical authentication bypass vulnerability affecting FortiOS, FortiAnalyzer, FortiManager, and FortiProxy products. Designated CVE-2026-24858, the vulnerability allows an unauthenticated threat actor with a FortiCloud account and a registered device to log into other devices registered to other accounts, if FortiCloud SSO authentication is enabled on those devices.

Read Post

Arctic Wolf

Read more about CVE-2026-24858: FortiCloud SSO Authentication Bypass Vulnerability Exploited

How to Integrate ITSM in Managed Risk for Better Visibility and Faster Remediation

Jan 27, 2026 By Arctic Wolf Networks In Arctic Wolf

See how Arctic Wolf Managed Risk turns risk visibility into remediation through seamless integrations with partners like ServiceNow and ConnectWise. This demo shows how automated ticketing, unified workflows, and prioritized findings help security and IT teams accelerate remediation without added workload.

View Video

Arctic Wolf

Read more about How to Integrate ITSM in Managed Risk for Better Visibility and Faster Remediation

How to Customize Arctic Wolf Managed Awareness Content and Phishing Simulations

Jan 27, 2026 By Arctic Wolf Networks In Arctic Wolf

In this demo, we will look at customization options available to customers for scheduling, email delivery and phishing simulations within the Arctic Wolf Managed Security Awareness program.

View Video

Arctic Wolf

Read more about How to Customize Arctic Wolf Managed Awareness Content and Phishing Simulations

CVE-2026-21962: Maximum-severity Vulnerability in Oracle HTTP Server/WebLogic Proxy Plug-In

Jan 23, 2026 By Andres Ramos In Arctic Wolf

On January 20, 2026, Oracle patched a maximum‑severity vulnerability in its Fusion Middleware suite affecting Oracle HTTP Server and the WebLogic Server Proxy Plug‑in, tracked as CVE‑2026‑21962. An unauthenticated remote threat actor can exploit this flaw to gain unauthorized creation, deletion, or modification access to critical data. The issue stems from improper handling of incoming requests by the WebLogic Server Proxy Plug‑ins for Apache HTTP Server and Microsoft IIS.

Read Post

Arctic Wolf

Read more about CVE-2026-21962: Maximum-severity Vulnerability in Oracle HTTP Server/WebLogic Proxy Plug-In

CVE202620045: Exploited Unauthenticated Remote Code Execution Vulnerability in Cisco Unified Communications Products

Jan 22, 2026 By Andres Ramos In Arctic Wolf

On January 21, 2026, Cisco released fixes for a high-severity vulnerability impacting Cisco Unified Communications products that is under active exploitation, tracked as CVE-2026-20045. The flaw arises from improper input validation of user-supplied data in HTTP requests to the web-based management interface of affected devices.

Read Post

Arctic Wolf

Read more about CVE202620045: Exploited Unauthenticated Remote Code Execution Vulnerability in Cisco Unified Communications Products

How to Build an Incident Response Plan with Arctic Wolf's IR Planner

Jan 22, 2026 By Arctic Wolf Networks In Arctic Wolf

This video will walk you through how Arctic Wolf retainer customer can use the Incident Response Planner to organize, update and access your organization's critical, operational information in the event of an incident.

View Video

Arctic Wolf

Read more about How to Build an Incident Response Plan with Arctic Wolf's IR Planner

Arctic Wolf Observes Malicious Configuration Changes On Fortinet FortiGate Devices via SSO Accounts

Jan 21, 2026 By Arctic Wolf Labs In Arctic Wolf

Starting on January 15, 2026, Arctic Wolf began observing a new cluster of automated malicious activity involving unauthorized firewall configuration changes on FortiGate devices. This activity involved the creation of generic accounts intended for persistence, configuration changes granting VPN access to those accounts, as well as exfiltration of firewall configurations.

Read Post

Arctic Wolf

Read more about Arctic Wolf Observes Malicious Configuration Changes On Fortinet FortiGate Devices via SSO Accounts

The Case for Eyeballs-Near-LLM Usage

Jan 20, 2026 By Kenneth Ray and Mike Mylrea In Arctic Wolf

At Arctic Wolf, we believe the future of cybersecurity is built on AI guided by human expertise. Staying at the forefront of security operations means not just adopting new technology but deeply understanding how and where it should be applied.

Read Post

Arctic Wolf

Read more about The Case for Eyeballs-Near-LLM Usage

The Continuing Risk of Remote Code Execution

Jan 16, 2026 By Arctic Wolf In Arctic Wolf

In 2025, there were more than 48,000 vulnerabilities published, amounting to over a 20% increase from 2024. More troubling than the sheer volume of vulnerabilities in 2025 is that more than a third of them were given a rating of “high” or “critical” severity. For security teams already stretched too thin, a proactive vulnerability management plan that patches or otherwise remediates all vulnerabilities is too far out of reach.

Read Post

Arctic Wolf

Read more about The Continuing Risk of Remote Code Execution

Driving Innovation: How Arctic Wolf Powers the BWT Alpine Formula 1 Team's Cybersecurity Excellence

Jan 16, 2026 By Arctic Wolf Networks In Arctic Wolf

Arctic Wolf and the BWT Alpine Formula One Team share a passion for speed, power, and precision. Discover how Arctic Wolf is transforming Alpine's cybersecurity by providing 24x7 protection for the entirety of their environment – trackside, at the factory, and everywhere in between.

View Video

Arctic Wolf

Read more about Driving Innovation: How Arctic Wolf Powers the BWT Alpine Formula 1 Team's Cybersecurity Excellence

CVE-2025-64155: FortiSIEM Remote Unauthenticated Command Injection Vulnerability

Jan 15, 2026 By Andres Ramos In Arctic Wolf

On January 13, 2025, Fortinet released fixes for a critical-severity FortiSIEM vulnerability (CVE-2025-64155) that stems from improper neutralization of special elements used in OS commands within the phMonitor service (TCP/7900). An unauthenticated, remote threat actor can exploit this vulnerability via crafted TCP requests to execute unauthorized code or commands on affected systems.

Read Post

Arctic Wolf

Read more about CVE-2025-64155: FortiSIEM Remote Unauthenticated Command Injection Vulnerability

Arctic Wolf and AWS: AI-Powered SOC and Security Incident Response

Jan 14, 2026 By Arctic Wolf Networks In Arctic Wolf

Discover how Arctic Wolf partners with Amazon Web Services (AWS) to deliver cutting-edge, AI-powered Security Operations Center (SOC) capabilities and advanced security incident response solutions. This video explores how Arctic Wolf leverages AWS cloud infrastructure and artificial intelligence to provide: Learn how this powerful combination enhances your organization's security posture, reduces response times, and protects against evolving cyber threats through intelligent automation and comprehensive managed detection and response (MDR) services.

View Video

Arctic Wolf

Read more about Arctic Wolf and AWS: AI-Powered SOC and Security Incident Response

From Dugouts to Data Lakes: Applying Moneyball to the AI SOC

Jan 13, 2026 By Arctic Wolf In Arctic Wolf

In AI-powered security, advantage comes not from automation alone, but from clear insight into how decisions are made. At Arctic Wolf, home to one of the world’s largest commercial security operations centers (SOC), we process over 10 trillion security events weekly. Rather than chasing automation for its own sake, we build AI that scales human expertise – preserving judgment where it matters most. But what is the optimal combination of humans and machines for security operations?

Read Post

Arctic Wolf

Read more about From Dugouts to Data Lakes: Applying Moneyball to the AI SOC

CVE-2025-25249: Remote Code Execution Vulnerability in FortiOS and FortiSwitchManager

Jan 13, 2026 By Julian Tuin In Arctic Wolf

On January 13, 2026, Fortinet released an advisory describing a high-severity remote code execution vulnerability affecting its FortiOS and FortiSwitchManager products. According to Fortinet, the vulnerability stems from a flaw in the CAPWAP Wireless Aggregate Controller Daemon and could allow an unauthenticated, remote threat actor to execute arbitrary code or commands. The vulnerability was discovered internally by Fortinet’s Product Security Team.

Read Post

Arctic Wolf

Read more about CVE-2025-25249: Remote Code Execution Vulnerability in FortiOS and FortiSwitchManager

From Dugouts to Data Lakes: Applying Moneyball to the AI SOC

Jan 13, 2026 By Arctic Wolf Networks In Arctic Wolf

In this exclusive interview, Ari Kaplan, Chief Evangelist at Databricks and one of the real-life inspirations behind Moneyball, teams up with cybersecurity luminary Dan Schiappa, President, Technology and Services at Arctic Wolf, and AI Technical Fellow Mike Mylrea to explore how AI strategies that revolutionized professional sports are now being applied to transform modern cybersecurity.

View Video

Arctic Wolf

Read more about From Dugouts to Data Lakes: Applying Moneyball to the AI SOC

CVE-2025-69258: Trend Micro Apex Central Remote Code Execution Vulnerability

Jan 12, 2026 By Julian Tuin In Arctic Wolf

On January 7, 2026, Trend Micro released a critical patch for Apex Central on-premises versions below Build 7190, addressing multiple vulnerabilities. The most severe of the vulnerabilities disclosed is CVE-2025-69258, a critical severity vulnerability, which allows unauthenticated threat actors to load malicious DLLs and execute arbitrary code as SYSTEM without user interaction. The advisory also includes two medium-severity denial-of-service vulnerabilities, CVE-2025-69259 and CVE-2025-69260.

Read Post

Arctic Wolf

Read more about CVE-2025-69258: Trend Micro Apex Central Remote Code Execution Vulnerability

CVE-2026-21858: Critical Unauthenticated File Access Vulnerability in n8n "Ni8mare"

Jan 9, 2026 By Andres Ramos In Arctic Wolf

On January 7, 2026, fixes were released for a maximum severity vulnerability (CVE-2026-21858) impacting n8n, a workflow automation application primarily used with artificial intelligence. Labeled “Ni8mare” by the researchers who discovered it, the vulnerability allows unauthenticated remote threat actors to take over locally deployed instances via publicly accessible webhook and form endpoints.

Read Post

Arctic Wolf

Read more about CVE-2026-21858: Critical Unauthenticated File Access Vulnerability in n8n "Ni8mare"

The Howler Episode 26 - Ilina Cashiola, SVP of Corporate Communications

Jan 8, 2026 By Arctic Wolf Networks In Arctic Wolf

This month, we sit down with Ilina Cashiola, SVP of Corporate Communications, as she shares about her belief in the power of manifestation, her view of the future of communications within the cybersecurity industry, and so much more!

View Video

Arctic Wolf

Read more about The Howler Episode 26 - Ilina Cashiola, SVP of Corporate Communications

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

CVE-2026-1281 and CVE-2026-1340: Unauthenticated RCE Zero-Day Vulnerabilities in Ivanti Endpoint Manager Mobile

Multiple Critical Authentication Bypass and Remote Code Execution Vulnerabilities Fixed in SolarWinds Web Help Desk

CVE-2026-24858: FortiCloud SSO Authentication Bypass Vulnerability Exploited

How to Integrate ITSM in Managed Risk for Better Visibility and Faster Remediation

How to Customize Arctic Wolf Managed Awareness Content and Phishing Simulations

CVE-2026-21962: Maximum-severity Vulnerability in Oracle HTTP Server/WebLogic Proxy Plug-In

CVE202620045: Exploited Unauthenticated Remote Code Execution Vulnerability in Cisco Unified Communications Products

How to Build an Incident Response Plan with Arctic Wolf's IR Planner

Arctic Wolf Observes Malicious Configuration Changes On Fortinet FortiGate Devices via SSO Accounts

The Case for Eyeballs-Near-LLM Usage

The Continuing Risk of Remote Code Execution

Driving Innovation: How Arctic Wolf Powers the BWT Alpine Formula 1 Team's Cybersecurity Excellence

CVE-2025-64155: FortiSIEM Remote Unauthenticated Command Injection Vulnerability

Arctic Wolf and AWS: AI-Powered SOC and Security Incident Response

From Dugouts to Data Lakes: Applying Moneyball to the AI SOC

CVE-2025-25249: Remote Code Execution Vulnerability in FortiOS and FortiSwitchManager

From Dugouts to Data Lakes: Applying Moneyball to the AI SOC

CVE-2025-69258: Trend Micro Apex Central Remote Code Execution Vulnerability

CVE-2026-21858: Critical Unauthenticated File Access Vulnerability in n8n "Ni8mare"

The Howler Episode 26 - Ilina Cashiola, SVP of Corporate Communications

Monthly Archive

Follow Us