Alerts & Advisories

Filter By:
Critical Vulnerability in FortiOS and FortiProxy
Fortinet has released security updates addressing a critical authentication bypass vulnerability (CVE-2024-55591) affecting their FortiOS and FortiProxy products.
Critical Vulnerability in FortiOS and FortiProxy
Advisory on Phishing Texts Targeting Apple iMessage Users
A recent smishing (SMS phishing) campaign has been observed targeting Apple iMessage users. In this campaign, cybercriminals send fraudulent text messages designed to manipulate users into disabling iMessage’s built-in security features.
Advisory on Phishing Texts Targeting Apple iMessage Users
January 2025 Monthly Patch
Microsoft has released security patches to address multiple vulnerabilities in their software and products.
January 2025 Monthly Patch
Security Bulletin 15 Jan 2025
SingCERT's Security Bulletin summarises the list of vulnerabilities collated from the National Institute of Standards and Technology (NIST)'s National Vulnerability Database (NVD) in the past week.
Security Bulletin 15 Jan 2025
Ongoing Mirai Botnet Campaign Targeting Industrial Routers
There are reports of an ongoing Mirai-based botnet campaign targeting security flaws in industrial routers and smart home devices by leveraging zero-day exploits
Ongoing Mirai Botnet Campaign Targeting Industrial Routers
Active Exploitation of Critical Zero-Day Vulnerability in Ivanti Connect Secure
Ivanti has released updates addressing a critical zero-day vulnerability (CVE-2025-0282) in the Ivanti Connect Secure product. This vulnerability is reportedly being actively exploited.
Active Exploitation of Critical Zero-Day Vulnerability in Ivanti Connect Secure
Security Bulletin 8 Jan 2025
SingCERT's Security Bulletin summarises the list of vulnerabilities collated from the National Institute of Standards and Technology (NIST)'s National Vulnerability Database (NVD) in the past week.
Security Bulletin 8 Jan 2025
Security Bulletin 2 Jan 2025
SingCERT's Security Bulletin summarises the list of vulnerabilities collated from the National Institute of Standards and Technology (NIST)'s National Vulnerability Database (NVD) in the past week.
Security Bulletin 2 Jan 2025
Vulnerabilities in BeyondTrust Products
BeyondTrust has released security updates addressing vulnerabilities (CVE-2024-12356 and CVE-2024-12686) in their Remote Support (RS) and Privileged Remote Access (PRA) products. CVE-2024-12356 has a Common Vulnerability Scoring System (CVSSv3) score of 9.8 out of 10. Both vulnerabilities have reportedly been exploited in the wild.
Vulnerabilities in BeyondTrust Products
Ongoing Campaign Targeting Chrome Browser Extensions
There are reports of an ongoing campaign to steal sensitive information from users of Chrome Browser Extensions. While there are no reports observed locally, users of affected extensions are advised to uninstall the affected extensions, reset account passwords, clear browser data and reset browser settings to their original defaults before installing a safe version of the extensions (if available).
Ongoing Campaign Targeting Chrome Browser Extensions
Multiple Critical Vulnerabilities in Apache Products
The Apache Software Foundation has released security updates addressing critical vulnerabilities (CVE-2024-52046, CVE-2024-43441 and CVE-2024-45387) affecting various Apache products.
Multiple Critical Vulnerabilities in Apache Products
Security Bulletin 25 Dec 2024
SingCERT's Security Bulletin summarises the list of vulnerabilities collated from the National Institute of Standards and Technology (NIST)'s National Vulnerability Database (NVD) in the past week.
Security Bulletin 25 Dec 2024
Security Bulletin 18 Dec 2024
SingCERT's Security Bulletin summarises the list of vulnerabilities collated from the National Institute of Standards and Technology (NIST)'s National Vulnerability Database (NVD) in the past week.
Security Bulletin 18 Dec 2024
Critical Vulnerability in Apache Struts
Apache has released security updates addressing a critical vulnerability (CVE-2024-53677) affecting their Struts 2 framework.
Critical Vulnerability in Apache Struts
Critical Vulnerability in OpenWrt Attended SysUpgrade
OpenWrt has released security updates addressing a critical vulnerability (CVE-2024-54143) affecting their Attended SysUpgrade (ASU) server.
Critical Vulnerability in OpenWrt Attended SysUpgrade
Security Bulletin 11 Dec 2024
SingCERT's Security Bulletin summarises the list of vulnerabilities collated from the National Institute of Standards and Technology (NIST)'s National Vulnerability Database (NVD) in the past week.
Security Bulletin 11 Dec 2024
Critical Vulnerabilities in Ivanti Cloud Services Appliance
Ivanti has released security updates to address critical vulnerabilities (CVE-2024-11639, CVE-2024-11772 and CVE-2024-11773) affecting their Cloud Services Appliance (CSA) solution.
Critical Vulnerabilities in Ivanti Cloud Services Appliance
December 2024 Monthly Patch
Microsoft has released security patches to address multiple vulnerabilities in their software and products.
December 2024 Monthly Patch
Security Bulletin 4 Dec 2024
SingCERT's Security Bulletin summarises the list of vulnerabilities collated from the National Institute of Standards and Technology (NIST)'s National Vulnerability Database (NVD) in the past week.
Security Bulletin 4 Dec 2024
Joint Advisory On The Safeguarding Of Cryptocurrency Assets Against Threat Actors
Singapore Police Force (SPF) and CSA have issued a joint advisory to remind members of public on the importance of safeguarding their cryptocurrency assets.
Joint Advisory On The Safeguarding Of Cryptocurrency Assets Against Threat Actors