Review the latest advisories
The Incident Response team sends advisories about security vulnerabilities to U of T’s technical staff. If you have questions or concerns, contact security.response@utoronto.ca.
The advisories published here focus on those we feel are most relevant to the university environment but should not be considered an exhaustive list. The Canadian Centre for Cyber Security publishes advisories on potential and imminent cyber threats and vulnerabilities and provides a more comprehensive list of advisories.
December 4, 2025
Multiple NPM packages were compromised in late 2025 through account takeovers and malicious code injections.
December 4, 2025
A critical remote code execution vulnerability (CVE-2025-55182) has been found in React Server Components and in widely used frameworks such as Next.js.
October 24, 2025
On October 24, 2025, Microsoft published an out-of-band security update to a critical vulnerability in the Windows Server Update Service (WSUS).
August 8, 2025
A major security advisory was recently issued for Dell laptops, affecting millions of devices across more than 100 Latitude and Precision models.
July 21, 2025
CanSSOC became aware of a critical Remote Code Execution (RCE) vulnerability in Apache Tomcat, tracked as CVE-2025-24813.
July 3, 2025
The Stratascale Cyber Research Unit (CRU) team has identified two vulnerabilities in the Sudo utility. These vulnerabilities can result in the escalation of privileges to root on the impacted system.
May 1, 2025
The “AirBorne” vulnerability is a serious zero-click, remote code execution (RCE) exploit affecting Apple AirPlay-enabled devices.
March 20, 2025
CanSSOC became aware of a critical Remote Code Execution (RCE) vulnerability in Apache Tomcat, tracked as CVE-2025-24813.
March 6, 2025
A newly discovered critical vulnerability in Kibana, identified as CVE-2025-25012, exposes organizations to the risk of arbitrary code execution through prototype pollution.
March 6, 2025
Zero-day vulnerabilities in VMware products allow attackers with administrative privileges on a virtual machine to escape the VM sandbox and gain unauthorized access to the hypervisor, posing a significant risk to enterprise environments.
November 20, 2024
A critical authentication bypass vulnerability has been discovered impacting the WordPress plugin ‘Really Simple Security’ (formerly ‘Really Simple SSL’), including both free and Pro versions.
October 28, 2024
On October 23rd, Fortinet published an advisory related to a critical FortiManager API vulnerability, tracked as CVE-2024-47575 (CVSSv3: 9.8). The vulnerability was exploited in zero-day attacks to steal sensitive files containing configurations, IP addresses, and credentials for managed devices.
