top of page
Advisory Date | Advisory Name | Severity Level |
|---|---|---|
September 12th, 2025 | npm Supply-Chain Attack via Phishing Campaign | High |
September 12th, 2025 | Obscura Ransomware Variant Targets Domain Controllers via NETLOGON Replication | High |
September 10th, 2025 | Mirai-Based Botnet Leveraging N-Day and Zero-Day Exploits | High |
September 2nd, 2025 | High-Severity Vulnerability in Linux UDisks Daemon (CVE-2025-8067) | High |
September 2nd, 2025 | Threat Actors Breach High-Value Targets in Salesforce Attacks | Critical |
September 2nd, 2025 | Citrix NetScaler ADC and Gateway Zero-Day Remote Code Execution (CVE-2025-7775) | Critical |
August 28th, 2025 | APT36 Exploits Linux .desktop Files for Malware Delivery | Medium |
August 27th, 2025 | Critical Docker Desktop Vulnerability (CVE-2025-9074) Enables Host Access and Container Takeover | Critical |
August 22nd, 2025 | New GodRAT Remote Access Trojan Exploits Skype to Compromise Financial Institutions | High |
August 21st, 2025 | High-Severity Chrome Vulnerability (CVE-2025-9132) Allows Remote Code Execution via V8 Engine | High |
August 21st, 2025 | Pre-Authentication Remote Code Execution in Cisco FMC via RADIUS (CVE-2025-20265) | Critical |
August 21st, 2025 | Zoom Vulnerability Exploitable via Malicious Executables in User Paths (CVE-2025-49457) | Critical |
August 14th, 2025 | WinRAR for Windows Vulnerability Exploited by Adversary Group RomCom (CVE-2025-8088) | High |
August 12th, 2025 | Trend Micro Warns of Apex One Vulnerabilities Exploited in the Wild | Critical |
August 12th, 2025 | CISA and Microsoft Warn of Critical Microsoft Exchange Hybrid Vulnerability (CVE-2025-53786) | High |
August 7th, 2025 | Targeted Exploitation of SonicWall SSL VPNs by Akira Ransomware Affiliates | Critical |
August 6th, 2025 | Plague PAM Backdoor Malware Targets Linux Systems with Undetectable SSH Persistence | Critical |
August 1st, 2025 | WordPress Alone Theme Zero-Day Exploited in the Wild (CVE-2025-5394) | Critical |
July 31st, 2025 | Gemini CLI Vulnerability Enables Stealthy Remote Code Execution | Medium |
July 30th, 2025 | UNC3886 Threat Actor Abuses Zero-Day Vulnerabilities in VMware, Fortinet, and Juniper | Critical |
July 30th, 2025 | Scattered Spider Hijacks VMware ESXi to Deploy Ransomware Across Critical Infrastructure | High |
July 29th, 2025 | Coyote Malware Targets Windows Input Framework Using UI Automation for Credential Theft | High |
July 24th, 2025 | Attackers Hijack Trusted npm Packages to Exfiltrate Developer Credentials | Critical |
July 23rd, 2025 | CISA and FBI Issue Joint Warning on Interlock Ransomware Targeting Critical Infrastructure | High |
July 23rd 2025 | Fortinet FortiWeb SQL Injection Vulnerability (CVE-2025-25257) Exploited in the Wild | Critical |
July 23rd, 2025 | DeerStealer Malware Uses .LNK Files to Evade Detection and Steal Data | High |
July 21st, 2025 | Unpatched Microsoft SharePoint Zero-Day Exploited in Active RCE Attacks | Critical |
July 18th, 2025 | Critical Unauthenticated RCE in Cisco ISE (CVE-2025-20337) Threatens Network Access Control Integrity | Critical |
July 18th, 2025 | Google Chrome Zero-Day Actively Exploited in the Wild (CVE-2025-6558) | High |
July 17th, 2025 | Wing FTP Server Remote Code Execution vulnerability (CVE-2025-47812) Exploited in the Wild | Critical |
July 15th, 2025 | AWS Organizations Mis-scoped Policy Exposes Entire Cloud Infrastructure to Attackers | Medium |
July 15th, 2025 | Google Gemini for Workspace Vulnerability Lets Attackers Hide Malicious Scripts in Emails | Medium |
July 11th, 2025 | Malvertising and SEO Poisoning Used to Deliver Trojanized PuTTY and WinSCP to IT Professionals | High |
July 10th, 2025 | BERT Ransomware Targets ESXi Virtual Machines with Forced Shutdown Tactics | High |
July 10th, 2025 | XMRig-Based Cryptomining Malware Uses LOLBAS and Disables Windows Updates to Evade Detection | High |
July 8th, 2025 | Critical Cisco Unified CM Vulnerability (CVE-2025-20309) Allows Root-Level Backdoor Access | Critical |
July 7th, 2025 | Snake Keylogger Campaign Exploits Java Utilities for Stealthy Malware Delivery | High |
July 3rd, 2025 | Actively Exploited Zero-Day Vulnerability in Google Chrome’s V8 Engine (CVE-2025-6554) | Critical |
July 3rd, 2025 | Microsoft Discontinues Password Management and Autofill Features in Authenticator App | Informational |
July 2nd, 2025 | Chinese Threat Group Silver Fox Delivers RATs and Rootkits via Fake Software Installers and Medical Imaging Tools | High |
July 1st, 2025 | Actively Exploited Critical Zero-Day Vulnerability in Citrix NetScaler ADC and Gateway (CVE-2025-6543) | Critical |
June 27th, 2025 | APT Group Exploits Microsoft ClickOnce to Deploy Stealthy Malware via Trusted Applications | Medium |
June 26th, 2025 | WinRAR Directory Traversal Vulnerability (CVE-2025-6218) Enables Remote Code Execution via Malicious Archives | High |
June 23rd, 2025 | APT29 Exploits Gmail App Passwords to Bypass MFA in Spear-Phishing Attacks | Medium |
June 18th, 2025 | New Veeam Vulnerabilities Enable Malicious Remote Code Execution on Backup Servers (CVE-2025-23121) | Critical |
June 17th, 2025 | Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction (CVE-2025-32711) | Medium |
June 16th, 2025 | Malicious Python Package Exploits Cloud DevOps Pipelines Using Multi-Stage Attack Strategy | Medium |
June 13th, 2025 | Critical Microsoft WebDAV RCE Vulnerability Actively Exploited CVE-2025-33053 | High |
June 11th, 2025 | APT41 Malware Campaign Using Google Calendar as C2 Channel | High |
June 11th, 2025 | High-Severity Vulnerability in Splunk Universal Forwarder for Windows (CVE-2025-20298) | High |
June 12th, 2025 | Rust-based Myth Stealer Malware Campaign Targeting Browser Users | Medium |
June 4th, 2025 | Cryptojacking Campaign Targeting DevOps Platforms (JINX-0132) | High |
May 21st, 2025 | AWS Default IAM Roles Found to Enable Lateral Movement and Cross-Service Exploitation | High |
June 3rd, 2025 | Actively Exploited Chrome Zero-Day Vulnerability (CVE-2025-5419) | High |
May 26th, 2025 | Emergency Update Released to Address BitLocker Recovery Boot Issue in Windows 10 | Informational |
March 17th, 2025 | Medusa Ransomware Actively Targeting Critical Infrastructure Sectors Worldwide | Medium |
March 21st, 2025 | Active Exploitation of Vulnerability in Apache Tomcat Servers
(CVE-2025-24813) | Low |
March 17th, 2025 | Juniper Junos OS Improper Isolation Vulnerability Exploited in Wild (CVE-2025-21590) | Low |
bottom of page