CYBER Threat Intelligence Reports
LATEST CTIs
CVE-2025-55177: WhatsApp Authorization Flaw Exploited in Zero-Click Spyware Chain
WhatsApp has patched CVE-2025-55177, an authorization flaw in its linked-device synchronization feature that was exploited in the wild. While Meta originally rated it medium severity,…
Read more >
Docker Issues Patch for Critical Exploit in Docker Desktop: CVE-2025-9074
On August 20, 2025, Docker released an urgent patch for CVE-2025-9074, a critical Server-Side Request Forgery (SSRF) vulnerability (CVSS 9.3) affecting Docker Desktop for Windows…
Read more >
CVE-2025-48384: Git Submodule Path Flaw Exploited in the Wild
CVE-2025-48384 is a client-side Git vulnerability that lets a malicious repository abuse a mismatch in how Git reads vs. writes configuration values containing a trailing…
Read more >
CVE-2025-43300: Apple ImageIO Zero-Day Exploited in Targeted Attacks
Apple patched CVE-2025-43300, a zero-day in the ImageIO framework used system-wide to read/write many image formats. Opening or previewing a malicious image can corrupt memory…
Read more >
CVE-2025-57790: Commvault Path Traversal Vulnerability Leads to RCE
On August 19th, Commvault published advisory CV_2025_08_2 for a newly-discovered path traversal flaw in the Web Server component that allows remote attackers to perform unauthorized…
Read more >
CVE-2025-20265: Cisco Secure Firewall Management Center (FMC) RADIUS Pre-Auth RCE
A critical (CVSS 10.0) input-handling flaw in the RADIUS authentication subsystem of Cisco Secure Firewall Management Center (FMC), tracked as CVE-2025-20265 allows unauthenticated remote code…
Read more >
