All CosmicBytez Labs articles tagged #Network Security, across news, security advisories, how-to guides, and projects.
The Inc ransomware group is actively exploiting two chained zero-day vulnerabilities in SonicWall Secure Mobile Access appliances. When combined, the flaws allow unauthenticated attackers to gain root-level control over SMA devices.
A critical CVSS 9.8 buffer overflow vulnerability in Tenda AC10 v3 firmware V03.03.16.09 allows remote attackers to cause permanent denial of service or execute arbitrary code via the /cgi-bin/UploadCfg endpoint.
SonicWall has issued an urgent advisory warning of two zero-day vulnerabilities in its SMA1000 appliances — CVE-2026-15409 and CVE-2026-15410 — that can be chained for unauthenticated remote code execution. Patches are available now.
SonicWall has issued an urgent advisory warning that two vulnerabilities in its SMA 1000 series secure remote access appliances are being actively exploited in chained zero-day attacks. CVE-2026-15409 (SSRF, CVSS 10.0) and CVE-2026-15410 (OS command injection) are combined to achieve full remote compromise. Patches are available; CISA has set a July 17 federal deadline.
Cisco Talos researchers have identified new LONGLEASH malware deployed by Chinese APT group UAT-7810 to expand its Operational Relay Box network,...
A maximum-severity command injection vulnerability in Ubiquiti's UniFi Connect Application allows any network-accessible attacker to execute arbitrary OS...
Mandiant has detailed an incident in which threat actors exploited a Cisco SD-WAN zero-day vulnerability to gain the highest possible access level at a...
Set up OpenCanary honeypot services on a Raspberry Pi or VM to detect lateral movement, credential stuffing, and unauthorized access before attackers...
A critical CVSS 9.9 privilege escalation vulnerability in Ubiquiti UniFi OS allows a low-privileged network attacker to escalate privileges within UniFi...
A critical CVSS 9.9 command injection vulnerability in Ubiquiti UniFi OS allows a low-privileged network attacker to execute arbitrary commands within...
A seventh actively exploited zero-day in Cisco SD-WAN products this year — CVE-2026-20245 — is under attack with no patch yet available from Cisco.
Cisco has disclosed active exploitation of CVE-2026-20245, a high-severity vulnerability in Catalyst SD-WAN Manager with a CVSS score of 7.8. No patch is…
Cisco has issued an emergency warning about an actively exploited, unpatched zero-day in Cisco Catalyst SD-WAN Manager (CVE-2026-20245) that enables root…
An undocumented debug CGI endpoint in T3 Technology CPE devices (T625Pro v1.0.07, T6825G v1.0.03) allows unauthenticated remote attackers to execute arbitrary…
A critical authentication bypass vulnerability in the DTS Electronics Redline WR3200 router allows unauthenticated attackers to access functionality protected…
A critical CVSS 9.8 vulnerability in a local MQTT broker fails to enforce topic-level ACLs, allowing any client to use wildcard characters to enumerate hidden…
A stack-based buffer overflow flaw in HP OfficeConnect VoIP phones can be exploited remotely to achieve code execution, potentially allowing attackers to…
Ubiquiti has released security updates fixing three CVSS 10.0 vulnerabilities in UniFi OS that allow unauthenticated remote attackers to fully compromise...
A newly disclosed vulnerability dubbed 'Underminr' affects approximately 88 million domains and enables attackers to bypass DNS filtering tools while...
A CVSS 9.1 command injection vulnerability in UniFi OS devices allows a network-adjacent attacker with high privileges to execute arbitrary commands on...
A CVSS 10.0 improper access control flaw in UniFi OS allows any network-accessible attacker to make unauthorized changes to the underlying system with no...
A CVSS 10.0 path traversal vulnerability in UniFi OS allows an unauthenticated network attacker to read arbitrary files, including sensitive account files...
A CVSS 10.0 command injection vulnerability in UniFi OS allows any network-accessible attacker with no credentials to execute arbitrary OS commands,...
Threat actors brute-forced credentials and bypassed multi-factor authentication on SonicWall Gen6 SSL-VPN appliances to deploy ransomware tools,...
Deploy Pi-hole v6 as a network-wide DNS sinkhole backed by Unbound as a self-hosted recursive resolver — eliminating ads, trackers, and malware domains...
Cisco has patched a maximum-severity authentication bypass flaw in its Catalyst SD-WAN Controller that has already been exploited in limited attacks....
Cisco has patched CVE-2026-20182, a zero-day in Catalyst SD-WAN Manager that has been actively exploited in targeted attacks by sophisticated threat actor...
The threat group UAT-8616 is actively exploiting a new Cisco SD-WAN zero-day and has been linked to multiple prior Cisco firewall and SD-WAN vulnerability...
Fortinet has released emergency security patches for two critical vulnerabilities in FortiSandbox and FortiAuthenticator that could enable attackers to...
A critical unauthenticated OS command injection vulnerability in the Totolink A8000RU router firmware 7.1cu.643_b20200521 allows remote attackers to...
Deploy Zeek (formerly Bro) on Linux to passively monitor network traffic, generate structured logs, write detection scripts, and forward data to your SIEM...
Deploy Suricata as a full-featured Network Intrusion Detection and Prevention System on Ubuntu. Covers installation, interface capture, Emerging Threats...
Security researchers at Defused Cyber and watchTowr have detected active reconnaissance targeting CVE-2026-3055, a critical CVSS 9.3 memory overread flaw...
A critical unauthenticated RCE vulnerability in F5 BIG-IP APM is being actively exploited in the wild. Malicious traffic targeting access policy virtual...
Researchers have disclosed a critical unauthenticated remote code execution vulnerability in the GNU InetUtils telnet daemon (telnetd). CVE-2026-32746...
Systematic audit checklist for network infrastructure security — firewall rules, segmentation, VPN configuration, DNS security, wireless security, and...
A maximum-severity authentication bypass in Cisco Catalyst SD-WAN (CVE-2026-20127, CVSS 10.0) has been actively exploited by threat actor UAT-8616 since...
Complete FortiGate hardening guide covering admin access lockdown, firmware management, interface hardening, DNS/NTP security, certificate management,...
Configure IPsec site-to-site VPN between FortiGate firewall and Azure VPN Gateway. Covers IKE configuration, routing, BGP, and high availability.
Configure FortiGate SSL VPN for secure remote user access. Covers portal setup, user authentication, firewall policies, and FortiClient configuration.
Implement network microsegmentation in Kubernetes with Network Policies. Covers default deny, allow rules, namespace isolation, egress policies, and debugging.
Deploy enterprise SD-WAN with FortiGate featuring dual ISP failover, performance SLAs, application steering, and Zero Trust architecture integration.
Deploy a network monitoring stack combining Zeek for protocol analysis and Suricata for intrusion detection, with ELK integration for visualization and...
Learn Python security scripting fundamentals including network scanning, log parsing, hash analysis, API integration, and automated threat detection for...
Deploy Pi-hole for network-wide ad blocking and DNS security. Includes setup, configuration, upstream DNS options, and integration with encrypted DNS.