CYBER Threat Intelligence Reports
LATEST CTIs
Active Exploitation of CVE-2025-5394: Arbitrary File Upload in “Alone” Charity WordPress Theme
A critical arbitrary file-upload flaw (CVE-2025-5394, CVSS 9.8) in the Alone – Charity Multipurpose Non-profit WordPress theme (≤ 7.8.3) is under active exploitation. A missing…
Read more >
CVE-2023-2533: 2-Year-Old PaperCut Vulnerability Added to CISA’s KEV
On July 28, 2025, CISA added CVE‑2023‑2533, an 8.4 (High) severity Cross‑Site Request Forgery (CSRF) vulnerability in PaperCut NG/MF, to its Known Exploited Vulnerabilities (KEV) Catalog,…
Read more >
CISA: Attackers Exploiting SysAid Vulnerabilities (CVE-2025-2775, CVE-2025-2776)
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two SysAid On-Prem vulnerabilities, CVE-2025-2775 and CVE-2025-2776, to its Known Exploited Vulnerabilities (KEV) catalog, confirming…
Read more >
Critical Zero-Day in CrushFTP Exploited in the Wild (CVE-2025-54309)
A critical zero-day vulnerability in CrushFTP, CVE-2025-54309, is being actively exploited by threat actors to gain unauthenticated administrative access to vulnerable servers via HTTPS. The…
Read more >
Over 600 Laravel Applications Vulnerable to Remote Code Execution via Leaked APP_KEYs (CVE-2018-15133, CVE-2024-55556)
Security researchers have uncovered a major RCE threat affecting over 600 Laravel applications, triggered by leaked APP_KEYs found on public GitHub repositories. Laravel's APP_KEY, typically…
Read more >
CVE-2025-3648: “Count(er) Strike” Vulnerability in ServiceNow
CVE-2025-3648, dubbed “Count(er) Strike”, is a high-severity vulnerability (CVSS 8.2) in ServiceNow's Now Platform, discovered by Varonis Threat Labs. The flaw allows both authenticated and…
Read more >
