CYBER Threat Intelligence Reports
LATEST CTIs
Old Vulnerability (CVE-2022–40684) Leads to Massive FortiGate Data Breach, Exposing 15,000+ Devices
The Belsen Group, a newly surfaced threat actor, has leaked sensitive data from over 15,000 Fortinet FortiGate devices. The data was originally stolen in 2022…
Read more >
Vulnerabilities in Fancy Product Designer WordPress Plugin (CVE-2024-51919, CVE-2024-51818)
Fancy Product Designer WordPress Plugin Vulnerabilities (CVE-2024-51919, CVE-2024-51818): Unpatched flaws in version 6.4.3 allow unauthenticated attackers to execute remote code (RCE) and inject SQL, risking…
Read more >
Vulnerabilities Patched in OpenVPN 2.6.11 (CVE-2024-5594, CVE-2024-4877, CVE-2024-28882)
OpenVPN Vulnerabilities Patched in 2.6.11 (CVE-2024-5594, CVE-2024-4877, CVE-2024-28882): Critical flaws, including code execution, credential theft, and unauthorized connection persistence, have been addressed; users must upgrade…
Read more >
Vulnerabilities in Palo Alto Networks’ Expedition Migration Tool (CVE-2025-0103 to CVE-2025-0107)
Palo Alto Networks' Expedition Vulnerabilities (CVE-2025-0103 to CVE-2025-0107): Multiple critical vulnerabilities, including SQL injection and OS command injection, in the EoL Expedition Migration Tool could…
Read more >
Vulnerability in Apache OpenMeetings (CVE-2024-54676)
Apache OpenMeetings Vulnerability (CVE-2024-54676): A critical flaw (CVSS 9.8) in OpenMeetings' cluster mode allows arbitrary code execution via insecure deserialization in OpenJPA; users must upgrade…
Read more >
Vulnerabilities in Ivanti Connect Secure, Policy Secure, and ZTA Gateways (CVE-2025-0282, CVE-2025-0283)
Ivanti Vulnerabilities (CVE-2025-0282, CVE-2025-0283): Ivanti disclosed critical flaws in Connect Secure, Policy Secure, and ZTA gateways, including CVE-2025-0282 (active RCE exploitation since Dec 2024) and…
Read more >
