CYBER Threat Intelligence Reports
LATEST CTIs
CVE-2024-40766: SonicWall SSL VPN Flaw Actively Exploited by Ransomware Threat Actors
CVE-2024-40766 is a critical improper access control vulnerability in SonicWall SonicOS management access/SSLVPN. Successful exploitation enables unauthorized access and can, in some cases, crash the…
Read more >
CVE-2025-54236 “SessionReaper”: Critical Flaw in Adobe Commerce & Magento
A newly disclosed flaw in Adobe Commerce and Magento Open Source, tracked as CVE-2025-54236, exposes online stores to the risk of unauthenticated account takeover. The…
Read more >
Salesforce Breach: Exposure of Support Case Data at Major Security Vendors
A large-scale supply-chain campaign has unfolded, where attackers abused OAuth tokens from Salesloft’s Drift application to infiltrate Salesforce environments. Among the confirmed victims are leading…
Read more >
CVE-2025-55177: WhatsApp Authorization Flaw Exploited in Zero-Click Spyware Chain
WhatsApp has patched CVE-2025-55177, an authorization flaw in its linked-device synchronization feature that was exploited in the wild. While Meta originally rated it medium severity,…
Read more >
Docker Issues Patch for Critical Exploit in Docker Desktop: CVE-2025-9074
On August 20, 2025, Docker released an urgent patch for CVE-2025-9074, a critical Server-Side Request Forgery (SSRF) vulnerability (CVSS 9.3) affecting Docker Desktop for Windows…
Read more >
CVE-2025-48384: Git Submodule Path Flaw Exploited in the Wild
CVE-2025-48384 is a client-side Git vulnerability that lets a malicious repository abuse a mismatch in how Git reads vs. writes configuration values containing a trailing…
Read more >
