CYBER Threat Intelligence Reports
LATEST CTIs
High-Severity WordPress Vulnerability in Forminator Plugin (CVE-2025-6463)
A critical vulnerability in the Forminator plugin, one of the most popular form-building plugins in Wordpress, allows unauthenticated attackers to delete arbitrary files on the…
Read more >
CVE-2025-6554: Chrome V8 Zero-Day Exploited in the Wild
On June 30, 2025, Google issued an emergency patch for a critical zero-day vulnerability in its Chrome browser, tracked as CVE-2025-6554. The flaw resides in…
Read more >
Critical Cisco ISE Vulnerabilities Lead to Unauthenticated RCE (CVE-2025-20281 & CVE-2025-20282)
On June 25, 2025, Cisco disclosed and patched two critical remote code execution (RCE) vulnerabilities: CVE-2025-20281 and CVE-2025-20282, affecting its widely deployed Identity Services Engine…
Read more >
Critical Vulnerability in MegaRAC BMC Added to CISA’s KEV: CVE-2024-54085
On June 25, 2025, CISA added CVE‑2024‑54085, a critical authentication bypass vulnerability in the MegaRAC SPx Baseboard Management Controller (BMC) firmware, to its Known Exploited…
Read more >
‘UMBRELLA STAND’ Malware Targets Fortinet FortiGate Firewalls
‘UMBRELLA STAND’ Malware Targets Fortinet FortiGate Firewalls The UK’s National Cyber Security Centre (NCSC) has issued an alert regarding a sophisticated malware campaign dubbed “UMBRELLA…
Read more >
CVE-2025-49144: Privilege Escalation in Notepad++ Installer Enables Full SYSTEM Access
A critical local privilege escalation vulnerability in the Notepad++ v8.8.1 installer allows attackers to escalate to NT AUTHORITY\SYSTEM using binary planting techniques. Tracked as CVE-2025-49144,…
Read more >
