top of page
Threat Hunting & Advisory
Our solutions deliver holistic cybersecurity that combines offensive and defensive tactics to maximize resilience while minimizing risk.
Advisory Date | Advisory Name | Severity Level |
|---|---|---|
July 17th, 2025 | Wing FTP Server Remote Code Execution vulnerability (CVE-2025-47812) Exploited in the Wild | Critical |
July 15th, 2025 | AWS Organizations Mis-scoped Policy Exposes Entire Cloud Infrastructure to Attackers | Medium |
July 15th, 2025 | Google Gemini for Workspace Vulnerability Lets Attackers Hide Malicious Scripts in Emails | Medium |
July 11th, 2025 | Malvertising and SEO Poisoning Used to Deliver Trojanized PuTTY and WinSCP to IT Professionals | High |
July 10th, 2025 | BERT Ransomware Targets ESXi Virtual Machines with Forced Shutdown Tactics | High |
July 10th, 2025 | XMRig-Based Cryptomining Malware Uses LOLBAS and Disables Windows Updates to Evade Detection | High |
July 8th, 2025 | Critical Cisco Unified CM Vulnerability (CVE-2025-20309) Allows Root-Level Backdoor Access | Critical |
July 7th, 2025 | Snake Keylogger Campaign Exploits Java Utilities for Stealthy Malware Delivery | High |
July 3rd, 2025 | Actively Exploited Zero-Day Vulnerability in Google Chrome’s V8 Engine (CVE-2025-6554) | Critical |
July 3rd, 2025 | Microsoft Discontinues Password Management and Autofill Features in Authenticator App | Informational |
July 2nd, 2025 | Chinese Threat Group Silver Fox Delivers RATs and Rootkits via Fake Software Installers and Medical Imaging Tools | High |
July 1st, 2025 | Actively Exploited Critical Zero-Day Vulnerability in Citrix NetScaler ADC and Gateway (CVE-2025-6543) | Critical |
June 27th, 2025 | APT Group Exploits Microsoft ClickOnce to Deploy Stealthy Malware via Trusted Applications | Medium |
June 26th, 2025 | WinRAR Directory Traversal Vulnerability (CVE-2025-6218) Enables Remote Code Execution via Malicious Archives | High |
June 23rd, 2025 | APT29 Exploits Gmail App Passwords to Bypass MFA in Spear-Phishing Attacks | Medium |
June 18th, 2025 | New Veeam Vulnerabilities Enable Malicious Remote Code Execution on Backup Servers (CVE-2025-23121) | Critical |
June 17th, 2025 | Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction (CVE-2025-32711) | Medium |
June 16th, 2025 | Malicious Python Package Exploits Cloud DevOps Pipelines Using Multi-Stage Attack Strategy | Medium |
June 13th, 2025 | Critical Microsoft WebDAV RCE Vulnerability Actively Exploited CVE-2025-33053 | High |
June 12th, 2025 | Rust-based Myth Stealer Malware Campaign Targeting Browser Users | Medium |
June 11th, 2025 | High-Severity Vulnerability in Splunk Universal Forwarder for Windows (CVE-2025-20298) | High |
June 11th, 2025 | APT41 Malware Campaign Using Google Calendar as C2 Channel | High |
June 4th, 2025 | Cryptojacking Campaign Targeting DevOps Platforms (JINX-0132) | High |
June 3rd, 2025 | Actively Exploited Chrome Zero-Day Vulnerability (CVE-2025-5419) | High |
May 26th, 2025 | Emergency Update Released to Address BitLocker Recovery Boot Issue in Windows 10 | Informational |
May 21st, 2025 | AWS Default IAM Roles Found to Enable Lateral Movement and Cross-Service Exploitation | High |
March 21st, 2025 | Active Exploitation of Vulnerability in Apache Tomcat Servers
(CVE-2025-24813) | Low |
March 17th, 2025 | Juniper Junos OS Improper Isolation Vulnerability Exploited in Wild (CVE-2025-21590) | Low |
March 17th, 2025 | Medusa Ransomware Actively Targeting Critical Infrastructure Sectors Worldwide | Medium |
bottom of page