April 9th, 2025 (10 days ago)
|
Description: Microsoft has revealed that a now-patched security flaw impacting the Windows Common Log File System (CLFS) was exploited as a zero-day in ransomware attacks aimed at a small number of targets.
"The targets include organizations in the information technology (IT) and real estate sectors of the United States, the financial sector in Venezuela, a Spanish software company, and the retail sector in
April 9th, 2025 (10 days ago)
|
🚨 Marked as known exploited on April 10th, 2025 (9 days ago).
Description: Microsoft has released security fixes to address a massive set of 126 flaws affecting its software products, including one vulnerability that it said has been actively exploited in the wild.
Of the 126 vulnerabilities, 11 are rated Critical, 112 are rated Important, and two are rated Low in severity. Forty-nine of these vulnerabilities are classified as privilege escalation, 34 as remote code
April 9th, 2025 (10 days ago)
|
Description: A threat actor has already exploited one of the flaws in a ransomware campaign with victims in the US and other countries.
April 8th, 2025 (10 days ago)
|
Description: Threat actors are abusing SourceForge to distribute fake Microsoft add-ins that install malware on victims' computers to both mine and steal cryptocurrency. [...]
April 8th, 2025 (10 days ago)
|
Description: Microsoft published a blog post on Tuesday about the bug alongside its larger Patch Tuesday release, detailing how hackers exploited the vulnerability and used a strain of malware called PipeMagic before deploying ransomware on victims.
April 8th, 2025 (10 days ago)
|
Description: Microsoft has fixed a known issue causing authentication problems when Credential Guard is enabled on systems using the Kerberos PKINIT pre-auth security protocol. [...]
April 8th, 2025 (11 days ago)
|
Description: Microsoft has released its monthly security update for April of 2025 which includes 126 vulnerabilities affecting a range of products, including 11 that Microsoft has marked as “critical”.
April 8th, 2025 (11 days ago)
|
Description: Microsoft says the RansomEXX ransomware gang has been exploiting a high-severity zero-day flaw in the Windows Common Log File System to gain SYSTEM privileges on victims' systems. [...]
April 8th, 2025 (11 days ago)
|
CVE-2025-30406 |
🚨 Marked as known exploited on April 10th, 2025 (9 days ago).
Description: CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
CVE-2025-30406 Gladinet CentreStack Use of Hard-coded Cryptographic Key Vulnerability
CVE-2025-29824 Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
EPSS Score: 58.51%
April 8th, 2025 (11 days ago)
|