CYBER Threat Intelligence Reports
LATEST CTIs
“ReVault” Firmware Vulnerabilities in Dell ControlVault3 Enable Persistent Backdoors and Windows Login Bypass
Cisco Talos has disclosed five critical vulnerabilities, collectively dubbed “ReVault”, affecting the firmware of Dell’s ControlVault3 and ControlVault3+ hardware security modules, as well as their…
Read more >
NVIDIA Triton Inference Server Vulnerabilities (CVE-2025-23319, CVE-2025-23320)
Security researchers at Wiz disclosed a chain of critical vulnerabilities in NVIDIA’s Triton Inference Server that could allow unauthenticated, remote attackers to gain full control…
Read more >
Adobe Patches Critical Experience Manager Flaws (CVE-2025-54253 & CVE-2025-54254)
On August 5, 2025, Adobe released APSB25-82 to patch two critical zero-day vulnerabilities in Adobe Experience Manager (AEM) Forms on JEE (≤ 6.5.23.0). Both flaws…
Read more >
Active Exploitation of CVE-2025-5394: Arbitrary File Upload in “Alone” Charity WordPress Theme
A critical arbitrary file-upload flaw (CVE-2025-5394, CVSS 9.8) in the Alone – Charity Multipurpose Non-profit WordPress theme (≤ 7.8.3) is under active exploitation. A missing…
Read more >
CVE-2023-2533: 2-Year-Old PaperCut Vulnerability Added to CISA’s KEV
On July 28, 2025, CISA added CVE‑2023‑2533, an 8.4 (High) severity Cross‑Site Request Forgery (CSRF) vulnerability in PaperCut NG/MF, to its Known Exploited Vulnerabilities (KEV) Catalog,…
Read more >
CISA: Attackers Exploiting SysAid Vulnerabilities (CVE-2025-2775, CVE-2025-2776)
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two SysAid On-Prem vulnerabilities, CVE-2025-2775 and CVE-2025-2776, to its Known Exploited Vulnerabilities (KEV) catalog, confirming…
Read more >
