Alerts

Timely information about security issues, vulnerabilities, and exploits

Filter By:
Critical Vulnerability in FortiOS and FortiProxy
Fortinet has released security updates addressing a critical authentication bypass vulnerability (CVE-2024-55591) affecting their FortiOS and FortiProxy products.
Critical Vulnerability in FortiOS and FortiProxy
January 2025 Monthly Patch
Microsoft has released security patches to address multiple vulnerabilities in their software and products.
January 2025 Monthly Patch
Ongoing Mirai Botnet Campaign Targeting Industrial Routers
There are reports of an ongoing Mirai-based botnet campaign targeting security flaws in industrial routers and smart home devices by leveraging zero-day exploits
Ongoing Mirai Botnet Campaign Targeting Industrial Routers
Active Exploitation of Critical Zero-Day Vulnerability in Ivanti Connect Secure
Ivanti has released updates addressing a critical zero-day vulnerability (CVE-2025-0282) in the Ivanti Connect Secure product. This vulnerability is reportedly being actively exploited.
Active Exploitation of Critical Zero-Day Vulnerability in Ivanti Connect Secure
Vulnerabilities in BeyondTrust Products
BeyondTrust has released security updates addressing vulnerabilities (CVE-2024-12356 and CVE-2024-12686) in their Remote Support (RS) and Privileged Remote Access (PRA) products. CVE-2024-12356 has a Common Vulnerability Scoring System (CVSSv3) score of 9.8 out of 10. Both vulnerabilities have reportedly been exploited in the wild.
Vulnerabilities in BeyondTrust Products
Ongoing Campaign Targeting Chrome Browser Extensions
There are reports of an ongoing campaign to steal sensitive information from users of Chrome Browser Extensions. While there are no reports observed locally, users of affected extensions are advised to uninstall the affected extensions, reset account passwords, clear browser data and reset browser settings to their original defaults before installing a safe version of the extensions (if available).
Ongoing Campaign Targeting Chrome Browser Extensions
Multiple Critical Vulnerabilities in Apache Products
The Apache Software Foundation has released security updates addressing critical vulnerabilities (CVE-2024-52046, CVE-2024-43441 and CVE-2024-45387) affecting various Apache products.
Multiple Critical Vulnerabilities in Apache Products
Critical Vulnerability in Apache Struts
Apache has released security updates addressing a critical vulnerability (CVE-2024-53677) affecting their Struts 2 framework.
Critical Vulnerability in Apache Struts
Critical Vulnerability in OpenWrt Attended SysUpgrade
OpenWrt has released security updates addressing a critical vulnerability (CVE-2024-54143) affecting their Attended SysUpgrade (ASU) server.
Critical Vulnerability in OpenWrt Attended SysUpgrade

Report a Cybersecurity Incident

SingCERT encourages the reporting of cybersecurity incidents as it enables us to better understand the scope and nature of cyber incidents in Singapore. This will enable us to issue alerts or advisories on relevant threats, and assist a broader range of individuals and organisations.
Report Incident