CYBER Threat Intelligence Reports
LATEST CTIs
CVE-2024-25600: WordPress’s Bricks Builder RCE Flaw Under Active Exploitation
The critical vulnerability CVE-2024-25600 in WordPress's Bricks Builder (CVSS score: 9.8) allows unauthenticated attackers to execute code on the server. This flaw is actively exploited,…
Read more >
Critical Privilege Elevation Flaw Patched in Zoom Windows Applications (CVE-2024-24691)
Zoom has fixed a critical vulnerability (CVE-2024-24691) in its Windows applications, allowing unauthenticated attackers to escalate privileges. Users are urged to update their Zoom software…
Read more >
Critical Zero-Day Vulnerability in Microsoft Exchange Server Exploited Prior to Patch (CVE-2024-21410)
Microsoft has issued an urgent advisory for a critical Exchange Server vulnerability (CVE-2024-21410) that was exploited as a zero-day. Customers should immediately update to Exchange…
Read more >
Microsoft Patches Critical Windows and Office Vulnerabilities Exploited in Attacks (CVE-2024-21413, CVE-2024-21412 and CVE-2024-21351)
Microsoft has released updates to address 72 vulnerabilities in the Windows ecosystem, including three that have been exploited in live malware attacks. The critical vulnerabilities…
Read more >
Azure Cloud and Microsoft 365 Targeted Attacks
A cyber campaign is targeting Microsoft Azure and 365, aiming at senior executives to steal credentials and data. Attack strategies include tailored phishing and MFA…
Read more >
CISA: OpenSSL Vulnerabilities and Security Framework Initiative (CVE-2023-0286, CVE-2022-4304)
OpenSSL has announced vulnerabilities in versions 3.0.0, 2.2.2, and 1.0.2; users are urged to update to 3.0.8, 1.1.1t, or 1.0.2zg promptly. Concurrently, CISA and OpenSSF…
Read more >
