CYBER Threat Intelligence Reports
LATEST CTIs
Cisco IOS and IOS XE SNMP Zero-Day Actively Exploited (CVE-2025-20352)
Cisco disclosed CVE-2025-20352, a stack overflow in the SNMP subsystem of IOS and IOS XE, now confirmed as actively exploited in the wild. Attackers can…
Read more >
SolarWinds Web Help Desk (WHD) Unauthenticated RCE Patch-Bypass (CVE-2025-26399)
SolarWinds released Web Help Desk 12.8.7 Hotfix 1 to fix CVE-2025-26399, an unauthenticated remote code execution flaw in the AjaxProxy component caused by unsafe deserialization.…
Read more >
SonicWall Cloud Backup Compromise & Ongoing SSLVPN Exploitation
Threat actors gained access to MySonicWall cloud backup preference files after brute-forcing the vendor’s portal. These files, although encrypted, contain sensitive configuration data such as…
Read more >
Ongoing Supply-Chain Attack Targeting npm Packages (aka “Shai-Hulud”)
Beginning on September 14, 2025, and accelerating over the next two days, attackers launched a large-scale supply-chain attack against the npm ecosystem. The campaign injected…
Read more >
FBI Advisory: UNC6040/UNC6395 Targeting Salesforce Environments
The FBI has issued a FLASH advisory detailing activity from the threat groups UNC6040 and UNC6395, who are actively conducting data theft and extortion campaigns…
Read more >
CVE-2024-40766: SonicWall SSL VPN Flaw Actively Exploited by Ransomware Threat Actors
CVE-2024-40766 is a critical improper access control vulnerability in SonicWall SonicOS management access/SSLVPN. Successful exploitation enables unauthorized access and can, in some cases, crash the…
Read more >
