Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
Microsoft: New RAT malware used for crypto theft, reconnaissance
Description: ​Microsoft has discovered a new remote access trojan (RAT) that employs "sophisticated techniques" to avoid detection, ensure persistence, and extract sensitive information data. [...]
Source: BleepingComputer
March 17th, 2025 (about 1 month ago)
Alleged Sale of 1-Day Remote Code Execution (RCE) Exploit Targeting Microsoft Windows
Description: Alleged Sale of 1-Day Remote Code Execution (RCE) Exploit Targeting Microsoft Windows
Source: DarkWebInformer
March 17th, 2025 (about 1 month ago)
Microsoft: March Windows updates mistakenly uninstall Copilot
Description: ​Microsoft says the March 2025 Windows cumulative updates automatically and mistakenly remove the AI-powered Copilot digital assistant from some Windows 10 and Windows 11 systems. [...]
Source: BleepingComputer
March 17th, 2025 (about 1 month ago)
Microsoft wouldn't look at a bug report without a video. Researcher maliciously complied
Source: TheRegister
March 17th, 2025 (about 1 month ago)
Malicious Adobe, DocuSign OAuth apps target Microsoft 365 accounts
Description: Cybercriminals are promoting malicious Microsoft OAuth apps that masquerade as Adobe and DocuSign apps to deliver malware and steal Microsoft 365 accounts credentials. [...]
Source: BleepingComputer
March 16th, 2025 (about 1 month ago)
Threat Actor Impersonates Booking.com in Phishing Scheme
Description: Microsoft detailed a sophisticated campaign that relies on a social engineering technique, "ClickFix," in which a phisher uses security verification like captcha to give the target a false sense of safety.
Source: Dark Reading
March 14th, 2025 (about 1 month ago)
Week-long Exchange Online outage causes email failures, delays
Description: Microsoft says it partially mitigated a week-long Exchange Online outage causing delays or failures when sending or receiving email messages. [...]
Source: BleepingComputer
March 14th, 2025 (about 1 month ago)

CVE-2024-48938
Znuny before LTS 6.5.1 through 6.5.10 and 7.0.1 through 7.0.16 allows DoS/ReDos via email. Parsing the content of emails where HTML code is copied...
Description: Znuny before LTS 6.5.1 through 6.5.10 and 7.0.1 through 7.0.16 allows DoS/ReDos via email. Parsing the content of emails where HTML code is copied from Microsoft Word could lead to high CPU usage and block the parsing process.

EPSS Score: 0.25%

SSVC Exploitation: none

Source: CVE
March 14th, 2025 (about 1 month ago)
Microsoft apologizes for removing VSCode extensions used by millions
Description: Microsoft has reinstated the 'Material Theme - Free' and 'Material Theme Icons - Free' extensions on the Visual Studio Marketplace after finding that the obfuscated code they contained wasn't actually malicious. [...]
Source: BleepingComputer
March 13th, 2025 (about 1 month ago)
Windows Notepad to get AI text summarization in Windows 11
Description: Microsoft is now testing an AI-powered text summarization feature in Notepad and a Snipping Tool "Draw & Hold" feature that helps draw perfect shapes. [...]
Source: BleepingComputer
March 13th, 2025 (about 1 month ago)