CYBER Threat Intelligence Reports
LATEST CTIs
WordPress Sites Targeted in “DollyWay” Malware Campaign
GoDaddy security researchers are warning against a sophisticated and long-running malware operation known as "DollyWay," which has compromised over 20,000 WordPress sites worldwide, redirecting unsuspecting…
Read more >
Untracked Windows Vulnerability Exploited by Nation-State Actors (ZDI-CAN-25373)
A newly discovered Windows zero-day vulnerability, ZDI-CAN-25373, has been actively exploited by nation-state actors from North Korea, Iran, Russia, and China for at least eight…
Read more >
Critical PHP RCE Vulnerability Exploited in the Wild (CVE-2024-4577)
A critical remote code execution (RCE) vulnerability, CVE-2024-4577, impacting Windows-based PHP installations configured to use PHP-CGI, is actively being exploited. This PHP-CGI argument injection flaw…
Read more >
Facebook FreeType Flaw Exploited in Attacks (CVE-2025-27363)
Security researchers and Meta have reported active exploitation of a high-severity vulnerability (CVE-2025-27363) affecting the FreeType font rendering library, commonly used across numerous applications, including…
Read more >
Android Zero-Days Used by Authorities to Unlock Confiscated Devices (CVE-2024-50302)
A newly disclosed high-severity Android vulnerability (CVE-2024-50302) has been actively used by Serbian authorities to unlock confiscated devices. The flaw, found in the Linux kernel’s…
Read more >
Microsoft Partner Center Improper Access Control Vulnerability (CVE-2024-49035)
A critical access control flaw (CVE-2024-49035) in Microsoft Partner Center allows attackers to gain unauthorized privileges, posing a major security risk. Overview Microsoft disclosed this…
Read more >
