Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Arctic Wolf

CVE-2025-40602: SonicWall Releases Fix for SMA1000 Privilege Escalation Zero-Day Under Active Attack

Dec 17, 2025 By Andres Ramos In Arctic Wolf
On December 17, 2025, SonicWall released fixes for an actively exploited medium-severity zero-day vulnerability in the SonicWall SMA1000 Appliance Management Console (AMC), tracked as CVE-2025-40602. The vulnerability allows local threat actors to escalate privileges due to insufficient authorization in the SMA1000 AMC and does not affect SSL VPN functionality on SonicWall firewalls.
Read Post
Arctic Wolf

New Attack Technique "ConsentFix" Hijacks OAuth Consent Grants

Dec 16, 2025 By Andres Ramos In Arctic Wolf
On December 11, 2025, Push Security published research detailing a newly observed browser-based phishing technique called ConsentFix. The name ConsentFix is derived from its similarity to the previously documented ClickFix technique using fake CAPTCHA pages. ConsentFix, enables threat actors to gain cloud account access without capturing passwords, multifactor authentication (MFA) codes, or other credentials by abusing legitimate OAuth authentication and consent flows.
Read Post
Arctic Wolf

How To Reduce Risk This Holiday Season

Dec 16, 2025 By Adam Marrè In Arctic Wolf
The holiday season is traditionally a period of goodwill, gift giving, and time with loved ones, but if you are responsible for your enterprise’s cyber defenses it’s also a time when you should have a heightened awareness of cyber risk. Cybercriminals often treat this time of year as a prime opportunity to exploit the unprepared and unwary.
Read Post
Arctic Wolf

Arctic Wolf Observes Malicious SSO Logins on FortiGate Devices Following Disclosure of CVE-2025-59718 and CVE-2025-59719

Dec 15, 2025 By Arctic Wolf Labs In Arctic Wolf
In December 12, 2025, Arctic Wolf began observing intrusions involving malicious SSO logins on FortiGate appliances. Fortinet had previously released an advisory for two critical authentication bypass vulnerabilities (CVE-2025-59718 and CVE-2025-59719) on December 9, 2025. Arctic Wolf had also sent out a security bulletin for the vulnerabilities shortly thereafter.
Read Post

The Howler Episode 25 - Susan Corcoran, Chief Accounting Officer

Dec 15, 2025 By Arctic Wolf Networks In Arctic Wolf
This month, we sit down with Susan Corcoran, Chief Accounting Officer, as she unpacks common misconceptions about accounting, takes us on her journey from Minnesota dairy farm to London then back to Minnesota, and so much more! With nearly two decades of experience, spanning Deloitte and United Health Group, Susan Corcoran has led everything from SEC reporting to global accounting strategy. Now she's steering Arctic Wolf's financial integrity and compliance at the highest level as Chief Accounting Officer.
View Video

How to Prevent Fileless and In-Memory Attacks with Aurora Endpoint Defense

Dec 12, 2025 By Arctic Wolf Networks In Arctic Wolf
See how Aurora Endpoint Defense prevents advanced memory and script-based attacks before they disrupt your business. Using Alpha AI, Aurora Endpoint optimizes threat detection and response while reducing analyst workload resulting in stronger protection and less operational strain.
View Video
Arctic Wolf

CVE-2025-59718 and CVE-2025-59719: FortiCloud SSO Login Authentication Bypass

Dec 10, 2025 By Julian Tuin In Arctic Wolf
On December 9, 2025, Fortinet released an advisory detailing two critical authentication bypass vulnerabilities affecting FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager. Designated CVE-2025-59718 and CVE-2025-59719, these vulnerabilities allow an unauthenticated threat actor to bypass FortiCloud SSO login authentication via a crafted SAML message if the feature is enabled on the device. Fortinet states that FortiCloud SSO login is disabled by default in factory settings.
Read Post
Arctic Wolf

CVE-2025-55182: Critical Remote Code Execution Vulnerability Found in React Server Components

Dec 4, 2025 By Stefan Hostetler In Arctic Wolf
On December 3, 2025, the React team released fixes for a maximum severity vulnerability in React Server Components (RSC). The vulnerability, tracked as CVE-2025-55182, stems from unsafe handling of serialized DOM elements, allowing for remote code execution in React 19 and other frameworks built on top of it, such as Next.js 15–16. The vulnerability was responsibly disclosed to React as part of a bug bounty program and is not known to be actively exploited in the wild at this time.
Read Post

How Arctic Wolf Delivers Managed Detection and Response with Broad Visibility and Proactive Security

Dec 3, 2025 By Arctic Wolf Networks In Arctic Wolf
In this Managed Detection and Response overview, we see how Arctic Wolf delivers 24x7 monitoring, broad visibility, response capabilities and proactive security recommendations to our customers leveraging their existing security tools and the Aurora Platform.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.