Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Arctic Wolf

CVE-2025-10035: Maximum-Severity Command Injection Vulnerability in Fortra GoAnywhere MFT

Sep 19, 2025 By Andres Ramos In Arctic Wolf
On September 18, 2025, Fortra released a patch addressing a critical vulnerability in GoAnywhere Managed File Transfer (MFT), tracked as CVE-2025-10035. The vulnerability stems from a deserialization flaw in the License Servlet of GoAnywhere MFT, allowing a remote threat actor with a valid forged license response signature to deserialize an arbitrary, threat-actor-controlled object and potentially achieve command injection.
Read Post
Arctic Wolf

Shift Left With High-Potency Threat Intelligence for Prevention

Sep 17, 2025 By Arctic Wolf In Arctic Wolf
In today’s ever-evolving threat landscape, security teams are under pressure to detect and respond to threats faster than ever. With the overwhelming volume and manual effort required to operationalize security, many organizations struggle to stay ahead. Arctic Wolf Threat Intelligence is here to help change that, by providing high-fidelity, actionable insights that empower teams to shift left and prevent threats before they escalate.
Read Post
Arctic Wolf

How To Build Cyber Resilience

Sep 17, 2025 By Arctic Wolf In Arctic Wolf
Cyber threats are frequent, unpredictable, and indiscriminate—affecting organizations of every size and industry. For any organization, a cyber incident is a matter of “when,” not “if”. As such, businesses must be able to prepare for, respond to, and recover from incidents, and must continually refine these capabilities to stay ahead.
Read Post
Arctic Wolf

SonicWall Warns Customers of Data Exposure Incident Affecting MySonicWall Configuration Backup Files

Sep 17, 2025 By Julian Tuin In Arctic Wolf
On September 17, 2025, SonicWall released a knowledge base article detailing the exposure of firewall configuration backup files stored in certain MySonicWall accounts. SonicWall states that after identifying the incident they began an investigation containing the incident, terminating the ‘unauthorized access point’, and working with law enforcement and select cybersecurity agencies globally.
Read Post
Arctic Wolf

CVE-2025-9242: Critical Unauthenticated Out-of-Bounds Write Vulnerability in WatchGuard Firebox

Sep 17, 2025 By Andres Ramos In Arctic Wolf
On September 17, 2025, WatchGuard released fixes for a critical out-of-bounds write vulnerability (CVE-2025-9242) in the iked process of WatchGuard Fireware OS, which powers their Firebox firewall appliances. This flaw allows a remote unauthenticated threat actor to execute arbitrary code and affects both the mobile user VPN with IKEv2 and the branch office VPN with IKEv2 when configured with a dynamic gateway peer.
Read Post
Arctic Wolf

Wormable Malware Causing Supply Chain Compromise of npm Code Packages

Sep 16, 2025 By Arctic Wolf Labs In Arctic Wolf
On September 15, 2025, reports surfaced that the widely used npm package @ctrl/tinycolor had been compromised by malware as part of a broader supply chain attack affecting over 40 packages initially, with the number rising to more than 180 according to Aikido’s blog. Upon further investigation, the first malicious package that was identified as compromised in this campaign was rxnt-authentication, which was updated on September 14, 2025, at 17:58:50 UTC.
Read Post
Arctic Wolf

CVE202554236: Critical Adobe Commerce and Magento Open Source Flaw Allows Customer Account Takeover and RCE

Sep 10, 2025 By Andres Ramos In Arctic Wolf
On September 9, 2025, Adobe released an out-of-band security update to address a critical vulnerability in Adobe Commerce and Magento Open Source. The vulnerability, tracked as CVE-2025-54236 and referred to in open-source reporting as “SessionReaper,” allows a remote unauthenticated threat actor to take over customer accounts through the Commerce REST API.
Read Post

The Howler Episode 22: The Two Year Anniversary Special!

Sep 10, 2025 By Arctic Wolf Networks In Arctic Wolf
The Howler Podcast is two years old! In this special episode, Chelsea and Mary are joined by some surprise co-hosts as well as pack members from around the globe as they celebrate Arctic Wolf's one-of-a-kind culture. Interested in running with the pack? Explore careers at Arctic Wolf—one of the fastest-growing and exciting cybersecurity companies in the world, to learn about how you can join our Pack, create impact, and influence what’s next in security operations.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.