CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
Ivanti EPMM Zero-Day Flaws Exploited in Chained Attack
🚨 Marked as known exploited on May 14th, 2025 (2 months ago).
Description: The security software maker said the vulnerabilities in Endpoint Manager Mobile have been exploited in the wild against "a very limited number of customers" — for now — and stem from open source libraries.
Source: Dark Reading
May 14th, 2025 (2 months ago)
Microsoft Fixes 78 Flaws, 5 Zero-Days Exploited; CVSS 10 Bug Impacts Azure DevOps Server
🚨 Marked as known exploited on May 14th, 2025 (2 months ago).
Description: Microsoft on Tuesday shipped fixes to address a total of 78 security flaws across its software lineup, including a set of five zero-days that have come under active exploitation in the wild. Of the 78 flaws resolved by the tech giant, 11 are rated Critical, 66 are rated Important, and one is rated Low in severity. Twenty-eight of these vulnerabilities lead to remote code execution, 21 of them
Source: TheHackerNews
May 14th, 2025 (2 months ago)
Microsoft Patches Five Actively Exploited Flaws in May 2025 Windows 11 Update
🚨 Marked as known exploited on May 13th, 2025 (2 months ago).
Description: Microsoft's Patch Tuesday for May 2025 addresses 78 vulnerabilities across its product suite, including five zero-day vulnerabilities that are already being exploited in the wild. The Windows 11 cumulative update KB5058411 (Build 26100.4061) brings critical fixes for elevation-of-privilege and remote code execution flaws impacting core Windows components. The update was released on May 13, 2025, … The post Microsoft Patches Five Actively Exploited Flaws in May 2025 Windows 11 Update appeared first on CyberInsider.
Source: CyberInsider
May 13th, 2025 (2 months ago)
Microsoft May 2025 Patch Tuesday fixes 5 exploited zero-days, 72 flaws
🚨 Marked as known exploited on May 13th, 2025 (2 months ago).
Description: Today is Microsoft's May 2025 Patch Tuesday, which includes security updates for 72 flaws, including five actively exploited and two publicly disclosed zero-day vulnerabilities. [...]
Source: BleepingComputer
May 13th, 2025 (2 months ago)
May Security Update
🚨 Marked as known exploited on May 13th, 2025 (2 months ago).
Description: Ivanti releases standard security patches on the second Tuesday of every month. For many of our customers, the predictable schedule facilitates better planning and management of IT resources, allowing them to allocate time and personnel efficiently for the timely updates. Today, Ivanti is disclosing vulnerabilities in Ivanti ITSM (on-premises only), Cloud Security Application (CSA) and Neurons for MDM. It is important for customers to know: We have no evidence of any of these vulnerabilities being exploited in the wild. These vulnerabilities do not impact any other Ivanti solutions. More information on these vulnerabilities and detailed instructions on how to remediate the issues can be found in these Security Advisories: Ivanti Neurons for ITSM (on-premises only) Cloud Security Application (CSA) Ivanti Neurons for MDM Our Support team is always available to help customers and partners should they have any questions. Cases can be logged via the Success portal (login credentials required). Want to stay up to date on Ivanti Security Advisories? Paste https://www.ivanti.com/blog/topics/security-advisory/rss into your preferred RSS reader / functionality in your email program.
Source: Ivanti Security Advisories
May 13th, 2025 (2 months ago)
SonicWall Issues Patch for Exploit Chain in SMA Devices
🚨 Marked as known exploited on May 8th, 2025 (2 months ago).
Description: Three vulnerabilities in SMA 100 gateways could facilitate root RCE attacks, and one of the vulnerabilities has already been exploited in the wild.
Source: Dark Reading
May 8th, 2025 (2 months ago)
Critical Langflow RCE flaw exploited to hack AI app servers
🚨 Marked as known exploited on May 6th, 2025 (2 months ago).
Description: The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has tagged a Langflow remote code execution vulnerability as actively exploited, urging organizations to apply security updates and mitigations as soon as possible. [...]
Source: BleepingComputer
May 6th, 2025 (2 months ago)
Hackers Exploit Samsung MagicINFO, GeoVision IoT Flaws to Deploy Mirai Botnet
🚨 Marked as known exploited on May 6th, 2025 (2 months ago).
Description: Threat actors have been observed actively exploiting security flaws in GeoVision end-of-life (EoL) Internet of Things (IoT) devices to corral them into a Mirai botnet for conducting distributed denial-of-service (DDoS) attacks. The activity, first observed by the Akamai Security Intelligence and Response Team (SIRT) in early April 2025, involves the exploitation of two operating system command
Source: TheHackerNews
May 6th, 2025 (2 months ago)
CISA Warns 2 SonicWall Vulnerabilities Under Active Exploitation
🚨 Marked as known exploited on May 6th, 2025 (2 months ago).
Description: The vulnerabilities affect SonicWall's SMA devices for secure remote access, which have been heavily targeted by threat actors in the past.
Source: Dark Reading
May 6th, 2025 (2 months ago)
Google fixes actively exploited FreeType flaw on Android
🚨 Marked as known exploited on May 6th, 2025 (2 months ago).
Description: Google has released the May 2025 security updates for Android with fixes for 45 security flaws, including an actively exploited zero-click FreeType 2 code execution vulnerability. [...]
Source: BleepingComputer
May 6th, 2025 (2 months ago)