CYBER Threat Intelligence Reports
LATEST CTIs
Microsoft Addresses 55 Vulnerabilities: Two Are Being Actively Exploited
On February 11, 2025, Microsoft released security updates addressing 55 vulnerabilities across its software products, including four zero-day flaws. Notably, two of these zero-day vulnerabilities…
Read more >
Old Vulnerability (CVE-2022–40684) Leads to Massive FortiGate Data Breach, Exposing 15,000+ Devices
The Belsen Group, a newly surfaced threat actor, has leaked sensitive data from over 15,000 Fortinet FortiGate devices. The data was originally stolen in 2022…
Read more >
Vulnerabilities in Fancy Product Designer WordPress Plugin (CVE-2024-51919, CVE-2024-51818)
Fancy Product Designer WordPress Plugin Vulnerabilities (CVE-2024-51919, CVE-2024-51818): Unpatched flaws in version 6.4.3 allow unauthenticated attackers to execute remote code (RCE) and inject SQL, risking…
Read more >
Vulnerabilities Patched in OpenVPN 2.6.11 (CVE-2024-5594, CVE-2024-4877, CVE-2024-28882)
OpenVPN Vulnerabilities Patched in 2.6.11 (CVE-2024-5594, CVE-2024-4877, CVE-2024-28882): Critical flaws, including code execution, credential theft, and unauthorized connection persistence, have been addressed; users must upgrade…
Read more >
Vulnerabilities in Palo Alto Networks’ Expedition Migration Tool (CVE-2025-0103 to CVE-2025-0107)
Palo Alto Networks' Expedition Vulnerabilities (CVE-2025-0103 to CVE-2025-0107): Multiple critical vulnerabilities, including SQL injection and OS command injection, in the EoL Expedition Migration Tool could…
Read more >
Vulnerability in Apache OpenMeetings (CVE-2024-54676)
Apache OpenMeetings Vulnerability (CVE-2024-54676): A critical flaw (CVSS 9.8) in OpenMeetings' cluster mode allows arbitrary code execution via insecure deserialization in OpenJPA; users must upgrade…
Read more >
