Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: [AI generated] Zeus TecnologĂa is a Mexico-based technology company. They focus on automating processes and designing innovative solutions to support businesses across various industries, including retail, healthcare, and manufacturing. The company offers services such as software development, artificial intelligence, big data analytics, and cloud solutions, aiming to help businesses optimize their operations and enhance their digital transformation strategies.
June 4th, 2025 (3 days ago)
|
|
|
Description: [AI generated] Kel Campbell is a logistics and transportation company based in Australia. Offering extensive services in transport and distribution, the company operates primarily in the rural sector. Known for their commitment to safety and reliability, they specialize in delivering petroleum products, general freight, and bulk commodities.
June 4th, 2025 (3 days ago)
|
CVE-2025-27811 |
Description: A local privilege escalation in the razer_elevation_service.exe in Razer Synapse 4 through 4.0.86.2502180127 allows a local attacker to escalate their privileges via a vulnerable COM interface in the target service.
EPSS Score: 0.01%
June 4th, 2025 (3 days ago)
|
|
CVE-2025-23096 |
Description: An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400. A Double Free in the mobile processor leads to privilege escalation.
EPSS Score: 0.03%
June 4th, 2025 (3 days ago)
|
|
Description: Dashlane has become the first credential manager to support FIDO2 security keys as a primary login method for accessing password vaults. The announcement was made earlier today introducing a security upgrade that leverages hardware-based authentication through the FIDO2 protocol, developed by the FIDO Alliance and W3C. This enhancement builds on Dashlaneâs earlier passwordless login infrastructure âŚ
The post Dashlane Introduces FIDO2 Security Key Login for Vault Access appeared first on CyberInsider.
June 4th, 2025 (3 days ago)
|
|
Description: Malicious RubyGems pose as a legitimate plug-in for the popular Fastlane rapid development platform in a geopolitically motivated attack with global supply chain reach.
June 4th, 2025 (3 days ago)
|
|
Description: Introduction
Google Threat Intelligence Group (GTIG) is tracking UNC6040, a financially motivated threat cluster that specializes in voice phishing (vishing) campaigns specifically designed to compromise organizationâs Salesforce instances for large-scale data theft and subsequent extortion. Over the past several months, UNC6040 has demonstrated repeated success in breaching networks by having its operators impersonate IT support personnel in convincing telephone-based social engineering engagements. This approach has proven particularly effective in tricking employees, often within English-speaking branches of multinational corporations, into actions that grant the attackers access or lead to the sharing of sensitive credentials, ultimately facilitating the theft of organizationâs Salesforce data. In all observed cases, attackers relied on manipulating end users, not exploiting any vulnerability inherent to Salesforce.
A prevalent tactic in UNC6040's operations involves deceiving victims into authorizing a malicious connected app to their organization's Salesforce portal. This application is often a modified version of Salesforceâs Data Loader, not authorized by Salesforce. During a vishing call, the actor guides the victim to visit Salesforce's connected app setup page to approve a version of the Data Loader app with a name or branding that differs from the legitimate version. This step inadvertently grants UNC6040 significant capabilities to access, query, and exfiltrat...
June 4th, 2025 (3 days ago)
|
|
|
Description: Written by: Nick Guttilla
Introduction
Organizations are increasingly relying on diverse digital communication channels for essential business operations. The way employees interact with colleagues, access corporate resources, and especially, receive information technology (IT) support is often conducted through calls, chat platforms, and other remote technologies. While these various available methods enhance both efficiency and global accessibility, they also introduce an expanded attack surface that can pose a significant risk if overlooked. Prevalence of in-person social interactions has diminished and remote IT structures, such as an outsourced service desk, has normalized employees' engagement with external or less familiar personnel. As a result, threat actors continue to use social engineering tactics.
Vishing in the Wild: A Tale of Two Actors
Social engineering is the psychological manipulation of people into performing unsolicited actions or divulging confidential information. It is an effective strategy that preys on human emotions and built-in vulnerabilities like trust and the desire to be helpful. Financially motivated threat actors have increasingly adopted voice-based social engineering, or "vishing," as a primary vector for initial access, though their specific methods and end goals can vary significantly.
Two prominent examples illustrate the versatility of this threat. The cluster tracked as UNC3944 (which overlaps with "Scattered Spider") has historica...
June 4th, 2025 (3 days ago)
|
|
Description: Researchers at Google said the current campaign involving versions of the Salesforce Data Loader tool has targeted about 20 organizations and is ongoing.
June 4th, 2025 (3 days ago)
|
|
June 4th, 2025 (3 days ago)
|