CYBER Threat Intelligence Reports
LATEST CTIs
Critical Unauthenticated Command Injection in Fortinet FortiSIEM (CVE-2025-25256)
Fortinet has disclosed a critical OS command injection in FortiSIEM, tracked as CVE-2025-25256, that allows unauthenticated RCE via crafted CLI requests. Fortinet confirms working exploit…
Read more >
Dutch NCSC Warns of Active Exploitation of Citrix Netscaler Vulnerability (CVE-2025-6543)
The Dutch National Cyber Security Centre (NCSC-NL) has confirmed active exploitation of CVE-2025-6543, a critical memory overflow vulnerability in Citrix NetScaler ADC and NetScaler Gateway…
Read more >
“ReVault” Firmware Vulnerabilities in Dell ControlVault3 Enable Persistent Backdoors and Windows Login Bypass
Cisco Talos has disclosed five critical vulnerabilities, collectively dubbed “ReVault”, affecting the firmware of Dell’s ControlVault3 and ControlVault3+ hardware security modules, as well as their…
Read more >
NVIDIA Triton Inference Server Vulnerabilities (CVE-2025-23319, CVE-2025-23320)
Security researchers at Wiz disclosed a chain of critical vulnerabilities in NVIDIA’s Triton Inference Server that could allow unauthenticated, remote attackers to gain full control…
Read more >
Adobe Patches Critical Experience Manager Flaws (CVE-2025-54253 & CVE-2025-54254)
On August 5, 2025, Adobe released APSB25-82 to patch two critical zero-day vulnerabilities in Adobe Experience Manager (AEM) Forms on JEE (≤ 6.5.23.0). Both flaws…
Read more >
Active Exploitation of CVE-2025-5394: Arbitrary File Upload in “Alone” Charity WordPress Theme
A critical arbitrary file-upload flaw (CVE-2025-5394, CVSS 9.8) in the Alone – Charity Multipurpose Non-profit WordPress theme (≤ 7.8.3) is under active exploitation. A missing…
Read more >
