• CVE-2024-53104: Critical Linux Kernel Vulnerability Actively Exploited
• CVE-2024-56161: AMD Addresses Vulnerability Allowing Malicious Microcode Loading
• Multiple Vulnerabilities Actively Exploited: Microsoft .NET Framework, Apache OFBiz, and Paessler PRTG Network Monitor
• Advisory: Zyxel Declines to Patch Actively Exploited Vulnerabilities in End-of-Life Routers
• Advisory: Chinese Cyberspies Deploy New SSH Backdoor in Network Device Attacks
• CVE-2025-0411: 7-Zip Vulnerability Exploited to Bypass Windows Mark of the Web
• CVE-2025-21293: Privilege Escalation Vulnerability in Active Directory Domain Services

Threat Intelligence Briefing [PDF]

• CVE-2024-41710: New Aquabotv3 botnet malware targets Mitel command injection flaw
• CVE-2024-40891: Hackers exploit critical unpatched flaw in Zyxel CPE devices
• CVE-2024-57726, CVE-2024-57727, and CVE-2024-57728: Hackers exploiting flaws in SimpleHelp RMM to breach networks
• Advisory: New Apple CPU side-channel attacks steal data from browsers
• CVE-2025-24085: Apple fixes this year’s first actively exploited zero-day bug
• CVE-2025-23040 and CVE-2024-50338, CVE-2024-53263, CVE-2024-53858: Clone2Leak attacks exploit Git flaws to steal credentials

Threat Intelligence Briefing [PDF]

• Advisory: IPany VPN breached in supply-chain attack to push custom malware
• CVE-2025-0411: 7-Zip fixes bug that bypasses Windows MoTW security warnings, patch now
• Advisory: Ransomware gangs pose as IT support in Microsoft Teams phishing attacks
• Advisory: Microsoft: Exchange 2016 and 2019 reach end of support in October
• CVE-2025-23006: SonicWall flags critical bug likely exploited as zero-day, rolls out hotfix
• CVE-2025-20156 (CVSS 9.9): Cisco Meeting Management Flaw Allows for Privilege Escalation

Threat Intelligence Briefing [PDF]

• Advisory: Hackers leak configs and VPN credentials for 15,000 FortiGate devices
• CVE-2024-7344: New UEFI Secure Boot flaw exposes systems to bootkits, patch now
• CVE-2025-0070, CVE-2025-0066, CVE-2025-0063, CVE-2025-0061: SAP fixes critical vulnerabilities in NetWeaver application servers
• Advisory: Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws
• CVE-2024-55591: Fortinet warns of auth bypass zero-day exploited to hijack firewalls
• CVE-2024-12686 and CVE-2024-12356: CISA orders agencies to patch BeyondTrust bug exploited in attacks
• Advisory: Ransomware abuses Amazon AWS feature to encrypt S3 buckets
• CVE-2025-0282: Ivanti zero-day attacks infected devices with custom malware
• CVE-2024-53704: SonicWall urges admins to patch exploitable SSLVPN bug immediately
• Advisory: CISA warns of critical Oracle, Mitel flaws exploited in attacks

Threat Intelligence Briefing [PDF]

WEBINAR: Managing and Mitigating Risks to
Enable Safe and Secure AI Usage

• CVE-2024-12856: Hackers exploit Four-Faith router flaw to open reverse shells
• CVE-2024-3393: Hackers exploit DoS flaw to disable Palo Alto Networks firewalls
• Advisory: Chrome extensions hijacked to steal users’ data
• CVE-2024-52046, CVE-2024-43441, CVE-2024-45387: Apache warns of critical flaws in MINA, HugeGraph, Traffic Control
• CVE-2023-1389 & CVE-2018-17532: New botnet exploits vulnerabilities in NVRs, TP-Link routers
• CVE-2024-53961: Adobe warns of critical ColdFusion bug with PoC exploit code
• CVE-2024-56337: Apache fixes remote code execution bypass in Tomcat web server

Threat Intelligence Briefing [PDF]

• CVE-2023-34990: Critical FortiWLM Flaw
• CVE-2024-51479: Next.js Authorization Bypass Vulnerability Affects Millions of Developers
• CVE-2024-49112 (CVSS 9.8): Critical Windows LDAP Flaw Puts Networks at Risk of Remote Takeover
• Advisory: Ongoing Phishing Attack Abuses Google Calendar to Bypass Spam Filters
• Advisory: Russian Hackers Use RDP Proxies to Steal Data in MiTM Attacks
• CVE-2024-35250: Windows Kernel Bug Now Exploited in Attacks to Gain SYSTEM Privileges

Threat Intelligence Briefing [PDF]

• Advisory: CISA Shares Tips to Defend against Salt Typhoon, Group behind recent Telecom Breaches
• CVE-2024-11639: Ivanti Warns of Maximum Severity CSA Auth Bypass Vulnerability
• Advisory: Microsoft December 2024 Patch Tuesday Fixes 1 Exploited Zero-Day, 71 Flaws
• CVE-2024-50623: New Cleo Zero-Day RCE Flaw Exploited in Data Theft Attacks

Threat Intelligence Briefing [PDF]

• CVE-2024-35286 & CVE-2024-41713: Critical Vulnerabilities in Mitel MiCollab Exploited with Proof-of-Concept Code
• CVE-2024-8785: Critical Remote Code Execution Vulnerability in WhatsUp Gold
• CVE-2024-40711: Critical Remote Code Execution Vulnerability in Veeam Service Provider Console
• Advisory: Novel Phishing Campaign Leveraging Corrupted Word Documents
• Advisory: FBI shares tips on how to tackle AI-powered fraud schemes

Threat Intelligence Briefing [PDF]

• CVE-2024-47575 : Critical Zero-Day Vulnerability in Fortinet FortiManager Exploited in the Wild 
• Active Exploitation of Critical Vulnerabilities in VMware vCenter Server and Progress Kemp LoadMaster
• CVE-2024-52940: AnyDesk Vulnerability Exposes User IP Addresses
• CVE-2024-48990, CVE-2024-48992, CVE-2024-48991, CVE-2024-10224, CVE-2024-11003: Critical Privilege Escalation Vulnerabilities in Ubuntu’s ‘needrestart’ Utility
• CVE-2024-0012 & CVE-2024-9474: Palo Alto Networks Addresses Critical Zero-Day Vulnerabilities
• Advisory: Chinese Hackers Exploit Fortinet VPN Zero-Day to Steal Credentials

Threat Intelligence Briefing [PDF]

• CVE-2024-10914 & CVE-2024-3273: Critical bug in EoL D-Link NAS devices now exploited in attacks
• Advisory: Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 89 flaws
• CVE-2024-40711: Critical Veeam RCE bug now used in Frag ransomware attacks
• Advisory: FBI, CISA, and NSA reveal most exploited vulnerabilities of 2023
• Advisory: Microsoft blames Windows Server 2025 automatic upgrades on 3rd-party tools

Threat Intelligence Briefing [PDF]

• CVE-2024-42509 and CVE-2024-47460: HPE Aruba Networking Access Points RCE Vulnerabilities
• CVE-2024-20418: Cisco Command Injection Vulnerability in UWRB Access Points
• Advisory: DocuSign’s Envelopes API Abused to Send Realistic Fake Invoices
• CVE-2024-38094: Microsoft SharePoint RCE Vulnerability Exploited in Network Breaches
• Advisory: LastPass Warns of Fake Support Centers Targeting Customers
• CVE-2024-40715: Authentication Bypass Vulnerability in Veeam Backup Enterprise Manager

Threat Intelligence Briefing [PDF]

• CVE-2024-40766: Fog ransomware targets SonicWall VPNs to breach corporate networks
• New Cisco ASA and FTD features block VPN brute-force password attacks
• Black Basta ransomware poses as IT support on Microsoft Teams to breach networks
• Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files

Threat Intelligence Briefing [PDF]

• CVE-2024-47575: Fortinet FortiManager RCE Exploit in Active Attacks
• CVE-2024-43532: Exploit Released for Windows Server “WinReg” NTLM Relay Attack
• CVE-2024-38812: VMware Fixes Bad Patch for Critical vCenter Server RCE Flaw
• Advisory: Over 6,000 WordPress Sites Compromised to Install Plugins Pushing Infostealers

Threat Intelligence Briefing [PDF]

• CVE-2024-28987: SolarWinds Web Help Desk flaw is now exploited in attacks
• CVE-2024-30088: Iranian hackers now exploit Windows flaw to elevate privileges
• CISA: Hackers abuse F5 BIG-IP cookies to map internal servers

Threat Intelligence Briefing [PDF]

• CVE-2024-23113: CISA says critical Fortinet RCE flaw now exploited in attacks
• CVE-2024-9463, CVE-2024-9464, CVE-2024-9465, CVE-2024-9466, CVE-2024-9467: Palo Alto Networks warns of firewall hijack bugs with public exploit
• CVE-2024-43573, CVE-2024-43572, CVE-2024-6197, CVE-2024-20659, CVE-2024-43583 Microsoft October 2024 Patch Tuesday fixes 5 zero-days, 118 flaws
• CVE-2024-8963, CVE-2024-9379, CVE-2024-9380, CVE-2024-9381: Ivanti warns of three more CSA zero-days exploited in attacks
• CVE-2024-43047: Qualcomm patches high-severity zero-day exploited in attacks

Threat Intelligence Briefing [PDF]

• CVE-2024-29824: Critical Ivanti RCE flaw with public exploit now used in attacks
• CVE-2024-41925 & CVE-2024-45367: CISA – Network switch RCE flaw impacts critical infrastructure
• CVE-2024-45519: Critical Zimbra RCE flaw exploited to backdoor servers using emails
• CVE-2024-46905 – CVE-2024-46909 & CVE-2024-8785: Progress urges admins to patch critical WhatsUp Gold bugs ASAP

Threat Intelligence Briefing [PDF]

• CVE-2024-42505, CVE-2024-42506, and CVE-2024-42507 – Critical RCE Flaws in HPE Aruba Networking Access Points
• CVE-2024-7593: Critical Ivanti vTM auth bypass bug now exploited in attacks
• CVE-2024-27348: CISA warns of actively exploited Apache HugeGraph-Server bug
• CUPS flaws enable Linux remote code execution

Threat Intelligence Briefing [PDF]

• 2024 Week 38 (September 13 – September 20)CVE-2024-8695 & CVE-2024-8696: Two Critical RCE Flaws Discovered in Docker Desktop
• CVE-2024-38014: Researchers Detail 0-Day Vulnerability in Windows MSI Installer
• Chrome 129 Patches High-Severity Vulnerability in V8 Engine
• CVE-2024-37985: Microsoft Confirms Zero-Day Bug in Windows
• Zero-Click RCE Bug in macOS Calendar Exposes iCloud Data

Threat Intelligence Briefing [PDF]

• CVE-2024-6678: GitLab warns of critical pipeline execution vulnerability
• CVE-2024-29847: Ivanti fixes maximum severity RCE bug in Endpoint Management software
• CVE-2024-40766: Critical SonicWall SSLVPN bug exploited in ransomware attacks
• CVE-2024-8686: PAN-OS Command Injection and CVE-2024-8687:GlobalProtect Exposure
• Microsoft September 2024 Patch Tuesday fixes 4 zero-days, 79 flaws

Threat Intelligence Briefing [PDF]

• CVE-2024-44000: LiteSpeed Cache bug exposes 6 million WordPress sites to takeover attacks
• CVE-2024-40711: Veeam warns of critical RCE flaw in Backup & Replication software
• CVE-2024-20469: Cisco fixes root escalation vulnerability with public exploit code in ISE
• Security Advisory YSA-2024-03: New Eucleak attack lets threat actors clone YubiKey FIDO keys
• CVE-2024-20439: Cisco warns of backdoor admin account in Smart Licensing Utility
• CVE-2024-7029: Malware exploits 5-year-old zero-day to infect end-of-life IP cameras

Threat Intelligence Briefing [PDF]

• CVE-2024-39717: Chinese Volt Typhoon Hackers Exploit Versa Zero-Day to Breach ISPs and MSPs
• CVE-2024-7965: Chrome Zero-Day Exploited in the Wild
• CVE-2024-6633: Critical Hardcoded Password Vulnerability in Fortra FileCatalyst Workflow
• CVE-2023-22527: Critical Atlassian Confluence Vulnerability Exploited for Cryptojacking
• CVE-2024-37085: BlackByte Ransomware Exploits VMware ESXi Authentication Bypass Vulnerability

Threat Intelligence Briefing [PDF]

• CVE-2024-28987: SolarWinds Fixes Hardcoded Credentials Flaw in Web Help Desk
• CVE-2024-7971: Google Fixes Ninth Chrome Zero-Day Exploited in Attacks This Year
• CVE-2024-28000 – LiteSpeed Cache WordPress Plugin Vulnerability
• CVE-2024-39809, CVE-2024-39778, CVE-2024-39792, CVE-2024-41727: High-Severity Vulnerabilities in F5 BIG-IP and NGINX Plus

Threat Intelligence Briefing [PDF]

• CVE-2024-38058: Microsoft disables BitLocker security fix, advises manual mitigation
• CVE-2024-38063: Zero-click Windows TCP/IP RCE impacts all systems with IPv6 enabled, patch now
• CVE-2024-28986: SolarWinds fixes critical RCE bug affecting all Web Help Desk versions
• CVE-2024-41730: Critical SAP flaw allows remote attackers to bypass authentication
• Microsoft August 2024 Patch Tuesday fixes 9 zero-days, 6 exploited
• CVE-2024-7593: Ivanti warns of critical vTM auth bypass with public exploit
• CVE-2023-31315: New AMD SinkClose flaw helps install nearly undetectable malware

Threat Intelligence Briefing [PDF]

• 18-year-old security flaw in Firefox and Chrome exploited in attacks
• CVE-2024-4885: Critical Progress WhatsUp RCE flaw now under active exploitation
• CVE-2024-36971: Google Patches New Android Kernel Vulnerability Exploited in the Wild
• CVE-2024-21302, CVE-2024-38202: Zero-Day Vulnerabilities Expose Windows Systems to “Unpatching” Attacks

Threat Intelligence Briefing [PDF]

• CVE-2024-37085: VMware ESXi Bug Exploited in Ransomware Attacks
• EchoSpoofing: Proofpoint Settings Exploited to Send Millions of Phishing Emails Daily
• Massive SMS Stealer Campaign Infects Android Devices in 113 Countries
• PKfail Secure Boot Bypass Allows Installation of UEFI Malware

Threat Intelligence Briefing [PDF]

• New Play Ransomware Linux Version Targets VMware ESXi VMs
• Telegram zero-day allowed sending malicious Android APKs as videos
• Fake CrowdStrike fixes target companies with malware, data wipers
• CVE-2024-23469, CVE-2024-23466, CVE-2024-23467, CVE-2024-28074, CVE-2024-23471, and CVE-2024-23470: SolarWinds fixes 8 critical bugs in access rights audit software

Threat Intelligence Briefing [PDF]

• CVE-2024-20401: Critical Cisco bug lets hackers add root users on SEG devices
• CVE-2024-36401: CISA warns critical Geoserver GeoTools RCE flaw is exploited in attacks
• CVE-2024-39929: Critical Exim bug bypasses security filters on 1.5 million mail servers
• CVE-2024-34102: Adobe XML external entity reference (XXE)

Threat Intelligence Briefing [PDF]

• CVE-2024-4879, CVE-2024-5178, CVE-2024-5217: Chaining 3 Bugs to Access
  All Your ServiceNow Data
• Microsoft July 2024 Patch Tuesday fixes 142 flaws, 4 zero-days
• Chinese APT40 hackers hijack SOHO routers to launch attacks
• CVE-2024-29510: RCE bug in widely used Ghostscript library now exploited in
  attacks

Threat Intelligence Briefing [PDF]

• CVE-2024-6387: A security regression was discovered in OpenSSH’s server
• CVE-2024-20399: Cisco Warns of NX-OS Zero-Day Exploited to Deploy Custom Malware
• CVE-2024-2973: Juniper Releases Out-of-Cycle Fix for Max Severity Auth Bypass Flaw
• CVE-2024-6172: Critical Flaw in Icegram Express Plugin Threatens 90,000+ WordPress Sites
• CVE-2024-5261 (CVSS 10): LibreOffice Patches Critical Vulnerability in LibreOfficeKit

Threat Intelligence Briefing [PDF]

• CVE-2024-5806: Hackers target new MOVEit Transfer critical auth bypass bug
• 5 Plugins on WordPress.org backdoored in supply chain attack
• io JavaScript supply chain attack impacts over 100K sites
• Biden bans Kaspersky antivirus software in US over security concerns

Threat Intelligence Briefing [PDF]

• CVE-2024-26169: CISA Warns of Windows Bug Exploited in Ransomware Attacks
• Hackers Use F5 BIG-IP Malware to Stealthily Steal Data for Years
• CVE-2024-3105: Critical Vulnerability in Woody Code Snippets Plugin Threatens 70,000+ WordPress Sites

Threat Intelligence Briefing [PDF]

• CVE-2024-26169: Black Basta ransomware gang linked to Windows zero-day attacks
• CVE-2024-4577: PHP fixes critical RCE flaw impacting all versions for Windows
• CVE-2024-29849: Exploit for critical Veeam auth bypass available, patch now
• Microsoft June 2024 Patch Tuesday fixes 51 flaws, 18 RCEs

Threat Intelligence Briefing [PDF]

• FBI recovers 7,000 LockBit keys, urges ransomware victims to reach out
• TikTok fixes zero-day bug used to hijack high-profile accounts
• Zyxel issues emergency RCE patch for end-of-life NAS devices
• Exploit for critical Progress Telerik auth bypass released, patch now
• CISA warns of actively exploited Linux privilege elevation flaw

Threat Intelligence Briefing [PDF]

• CVE-2024-24919:  Check Point Remote Access VPN zero-day
• CVE-2024-23108, CVE-2024-23109: Exploit released for maximum severity Fortinet RCE bug, patch now
• CVE-2024-5274: Google fixes eighth actively exploited Chrome zero-day this year
• Okta warns of credential stuffing attacks

Threat Intelligence Briefing [PDF]

• CVE-2024-20360: Cisco FMC Vulnerability Grants Hackers Root Access

• CVE-2024-33899, CVE-2024-36052: WinRAR Update Patches Text Vulnerability

• Chrome 125 Update Patches High-Severity Vulnerabilities

• CVE-2024-21683: Atlassian Patches RCE Flaw in Confluence Data Center and Server

• Critical Remote Code Execution Flaw in Ivanti Endpoint Manager Mobile

Threat Intelligence Briefing [PDF]

• CVE-2024-4984: Yoast SEO Flaw Exposes Millions of WordPress Sites to Attack
• CVE-2024-30040 & CVE-2024-30051: Microsoft Patches Actively Exploited 0-Day Flaws
• CVE-2024-4671: Exploited Chrome Zero-Day Patched by Google
• Adobe Patches Critical Flaws in Reader, Acrobat

• CVE-2024-31497: Citrix warns XenCenter admins to manually mitigate PuTTY SSH client bug
• CVE-2024-26026, CVE-2024-21793: New BIG-IP Next Central Manager bugs allow device takeover
• CVE-2024-2876, CVE-2023-40000: Hackers exploit LiteSpeed Cache and Email Subscribers plugin flaw to create WordPress admins
• Cybersecurity Advisory: North Korean Hackers Exploiting Weak DMARC Policies 

Threat Intelligence Briefing [PDF]

• CVE-2024-26305, CVE-2024-26304, CVE-2024-33511, CVE-2024-33512: HPE Aruba Networking fixes four critical RCE flaws in ArubaOS
• Okta warns of “unprecedented” credential stuffing attacks on customers
• US govt warns of pro-Russian hacktivists targeting water facilities
• DropBox says hackers stole customer data, auth secrets from eSignature service

Threat Intelligence Briefing [PDF]

• CVE-2024-2389: Maximum severity Flowmon bug has a public exploit
• CVE-2024-20353, CVE-2024-20359: ArcaneDoor hackers exploit Cisco zero-days
to breach govt networks
• CVE-2024-4040: CrushFTP warns users to patch exploited zero-day
“immediately”
• Hackers hijack antivirus updates to drop GuptiMiner malware

Threat Intelligence Briefing [PDF]

• CVE-2024-24996 and CVE-2024-29204: More Critical Flaws in Ivanti Products: Avalanche MDM
• CVE-2024-31497: Critical PuTTY Vulnerability Allows Secret Key Recovery
• CVE-2024-28890, CVE-2024-31077, and CVE-2024-31857: Critical Vulnerabilities Forminator WordPress Plugin
• Attackers Targeting VPN, SSH, and Web Applications with millions of login attempts
• CVE-2024-3400: Palo Alto PAN-OS Vulnerability

Threat Intelligence Briefing [PDF]

• CVE-2024-29988: Microsoft SmartScreen Prompt Security Feature Bypass Vulnerability
• CVE-2024-26234: Microsoft Proxy Driver Spoofing Vulnerability
• CVE-2024-3273: D-Link NAS Backdoor Account
• Microsoft April 2024 Patch Tuesday fixes 150 security flaws, 67 RCEs

Threat Intelligence Briefing [PDF]

• CVE-2024-3094: Reported Supply Chain Compromise Affecting XZ Utils Data Compression Library
• CVE-2024-2879: Critical flaw in LayerSlider WordPress plugin impacts 1 million sites
• CVE-2024-21894, CVE-2024-22052, CVE-2024-22053, CVE-2024-22023: Ivanti fixes VPN gateway vulnerability allowing RCE and DoS attacks
• CVE-2024-0582: Serious Linux Kernel Bug
• CVE-2024-3159: Google fixes one more Chrome zero-day exploited at Pwn2Own

Threat Intelligence Newsletter [PDF]

• CVE-2024-1538: Critical WordPress File Manager plugin flaw 
• CVE-2024-2615: Firefox Zero-Click Attacks Possible 
• CVE-2024-0980: Vulnerability in Okta Verify for Windows 
• CVE-2023-24955, CVE-2023-29357: CISA tags Microsoft SharePoint RCE bug as actively exploited 
• Cisco warns of password-spraying attacks targeting VPN services 

• CVE-2024-23944: Critical Apache ZooKeeper Flaw Exposes Sensitive Data, Patch Immediately 
• CVE-2024-25153: Remote Code Execution in Fortra FileCatalyst 
• CVE-2023-48788: Exploit released for Fortinet RCE bug used in attacks, patch now 

Threat Intelligence Briefing [PDF]

• CVE-2024-21762: Critical Fortinet flaw may impact 150,000 exposed devices 
• CVE-2023-6000: Hackers exploit WordPress plugin flaw to infect 3,300 sites with malware 
• Microsoft March 2024 Patch Tuesday fixes 60 flaws, 18 RCE bugs 

Threat Intelligence Briefing [PDF]

• CVE-2024-22252, CVE-2024-22253, CVE-2024-22254, CVE-2024-22255: Critical ESXi Sandbox Escape Flaws   
• CVE-2024-23225 & CVE-2024-23296: Apple Patches Actively Exploited 0-Day Flaws  
• CVE-2024-0692: SolarWinds Security Event Manager Unauthenticated RCE Flaw 
• CVE-2023-29360: CISA warns of Microsoft Streaming bug exploited in malware attacks 

Threat Intelligence Briefing [PDF]

• CVE-2024-0819: TeamViewer’s Security Flaw Risks Password Safety 
• CVE-2024-24401 & 24402: Nagios XI Security Flaws 
• CVE-2024-1698: Critical SQLi Flaw in NotificationX WordPress Plugin 
• CVE-2024-26592 & 26594: Critical Linux Kernel Flaws 

Threat Intelligence Briefing [PDF]

• CVE-2024-1708 and CVE-2024-1709: ConnectWise critical RCE flaw
• CVE-2024-22245 and CVE-2024-22250: VMware deprecated, vulnerable auth plug-in
• CVE-2024-25600: RCE flaw in Bricks WordPress site builder

Threat Intelligence Briefing [PDF]

• CVE-2024-21410: New critical Exchange bug exploited as zero-day 
• CVE-2024-24691: Zoom patches critical privilege elevation flaw in Windows apps 
• CVE-2024-21413: New critical Microsoft Outlook RCE bug is trivial to exploit 
• Hackers used new Windows Defender zero-day to drop DarkMe malware 
• Ongoing Microsoft Azure account hijacking campaign targets executives 

Threat Intelligence Briefing [PDF]