Skip to content

Daily Threat Intel

Menu
  • Vulnerabilities
  • Malware
  • Breaches
  • Enterprise
  • Supply Chain
  • Emerging Threats
  • Cloud
  • About us
Menu

Category: Vulnerabilities

12 Bugs in Microsoft’s April 2025 Update to Patch Now

Posted on April 8, 2025

Image source: QINQIE99,Shutterstock One of them is a 0-day that a threat actor is using in an ransomware campaign Microsoft has released fixes for 126 vulnerabilities in its April 2025 Patch Tuesday…

Share

NSA, CISA, Others Warn About Fast Flux Threat: Here’s Why

Posted on April 8, 2025

Image source: Shutterstock Enterprise organizations, ISPs and security services providers are not adequately prepared to protect against attacks that leverage the technique, authoring agencies say. The NSA, CISA, and international partners have…

Share

Max Severity Bug Affects MITRE Caldera Adversary Emulation Platform

Posted on February 25, 2025

Image source: MITRE Caldera Users should patch immediately to mitigate risk, Caldera security team says. MITRE’s Caldera team has patched a maximum severity remote code execution bug in the adversary emulation platform…

Share

FBI: Russia’s APT29 May Exploit These 24 vulnerabilities-Be Aware

Posted on October 10, 2024

Image source: Shutterstock Recent flaws that the state-affiliated actor has exploited widely include  CVE-2023-42793 in JetBrains TeamCity and CVE-2022-27924 in Zimbra. The FBI in collaboration with the National Security Agency, Cyber National…

Share

Ivanti’s New 0-Days Now in CISA’s Exploit Catalog

Posted on October 9, 2024

Image source: Shutterstock Attacks targeting CVE-2024-9379 and CVE-2024-9380 have impacted customers running the end-of-life CSA 4.6 for which the company issued the last security fix on Sept. 10. Ivanti this week issued…

Share

2 Exploited and 3 Publicly Known Bugs in Microsoft’s Oct. Update to Patch Now

Posted on October 8, 2024

Image source: : Shutterstock Microsoft’s relatively moderate severity rating for the bugs belie the threat they present At least five of the 117 CVEs for which Microsoft released a patch this week…

Share

New Vuln Enables Admin Access on Domain-Joined ESXi Hypervisors

Posted on July 30, 2024

Image Source: Shutterstock Ransomware attackers are leveraging CVE-2024-37085 to drop Black Basta, Akira on vulnerable systems, Microsoft says. Ransomware operators are exploiting an authentication bypass vulnerability in ESXi hypervisors to gain full…

Share

Mandiant Updates Guidance for Protecting Against Ivanti Vulnerabilities

Posted on February 1, 2024

Image source: Shutterstock Following its disclosure of two new zero-days Jan 31, Ivanti too has updated its mitigation file. Customers who applied previous mitigation would need re-apply it to address new flaws….

Share

Critical Vulnerability in Jenkins CLI Could Enable Remote Code Execution

Posted on January 24, 2024

Image source: Shutterstock CVE-2024-23897 is the most serious of 12 vulnerabilities that the Jenkins team disclosed on Jan 24. The Jenkins infrastructure team has issued a patch for a critical remote code…

Share

CVE-2024-0204 in GoAnywhere MFT is a Ticking Time Bomb

Posted on January 24, 2024

Image source: Shutterstock More than 96% of GoAnywhere MFT assets that security vendor Tenable observed on Jan 23 were vulnerable. Mass attacks could soon begin against a critical authentication bypass flaw in…

Share

Posts pagination

1 2 … 6 Next
  • 12 Bugs in Microsoft’s April 2025 Update to Patch Now
  • NSA, CISA, Others Warn About Fast Flux Threat: Here’s Why
  • Max Severity Bug Affects MITRE Caldera Adversary Emulation Platform
  • FBI: Russia’s APT29 May Exploit These 24 vulnerabilities-Be Aware
  • Ivanti’s New 0-Days Now in CISA’s Exploit Catalog
©2025 Daily Threat Intel | Design: Newspaperly WordPress Theme