Description: Microsoft has backtracked on its plan to end support for Office apps on Windows 10 later this year and announced that it will continue providing security updates for three more years, until 2028. [...]
May 13th, 2025 (25 days ago)
|
Description: A Türkiye-affiliated threat actor exploited a zero-day security flaw in an Indian enterprise communication platform called Output Messenger as part of a cyber espionage attack campaign since April 2024.
"These exploits have resulted in a collection of related user data from targets in Iraq," the Microsoft Threat Intelligence team said. "The targets of the attack are associated with the Kurdish
May 13th, 2025 (26 days ago)
|
CVE-2025-35471 |
Description: conda-forge openssl-feedstock before 066e83c (2024-05-20), on Microsoft Windows, configures OpenSSL to use an OPENSSLDIR file path that can be written to by non-privileged local users. By writing a specially crafted openssl.cnf file in OPENSSLDIR, a non-privileged local user can execute arbitrary code with the privileges of the user or process loading openssl-feedstock DLLs. Miniforge before 24.5.0 is also affected.
CVSS: HIGH (7.3) EPSS Score: 0.01%
May 13th, 2025 (26 days ago)
|
Description: Microsoft has removed an upgrade block that prevented some Safe Exam Browser users from installing the Windows 11 2024 Update due to incompatibility issues. [...]
May 12th, 2025 (26 days ago)
|
Description: Hackers aligned with the Turkish government have been breaking into Output Messenger accounts to spy on Kurdish operations across the border.
May 12th, 2025 (26 days ago)
|
Description: Microsoft has uncovered a sophisticated cyberespionage campaign by the threat actor Marbled Dust, which exploited a previously unknown vulnerability in the popular messaging platform Output Messenger. The group, believed to be affiliated with Turkey, has used this zero-day exploit (CVE-2025-27920) since April 2024 to gather intelligence on Kurdish military targets in Iraq. According to Microsoft …
The post Zero-day Flaw in Output Messenger Exploited in Espionage Attacks appeared first on CyberInsider.
CVSS: CRITICAL (9.8) EPSS Score: 61.11%
May 12th, 2025 (26 days ago)
|
CVE-2024-25618 |
Description: Mastodon is a free, open-source social network server based on ActivityPub. Mastodon allows new identities from configured authentication providers (CAS, SAML, OIDC) to attach to existing local users with the same e-mail address. This results in a possible account takeover if the authentication provider allows changing the e-mail address or multiple authentication providers are configured. When a user logs in through an external authentication provider for the first time, Mastodon checks the e-mail address passed by the provider to find an existing account. However, using the e-mail address alone means that if the authentication provider allows changing the e-mail address of an account, the Mastodon account can immediately be hijacked. All users logging in through external authentication providers are affected. The severity is medium, as it also requires the external authentication provider to misbehave. However, some well-known OIDC providers (like Microsoft Azure) make it very easy to accidentally allow unverified e-mail changes. Moreover, OpenID Connect also allows dynamic client registration. This issue has been addressed in versions 4.2.6, 4.1.14, 4.0.14, and 3.5.18. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS: MEDIUM (4.2) EPSS Score: 0.22% SSVC Exploitation: poc
May 12th, 2025 (26 days ago)
|
Description: Microsoft is working on adding a new Teams feature that will prevent users from capturing screenshots of sensitive information shared during meetings. [...]
May 10th, 2025 (28 days ago)
|
Description: Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
May 9th, 2025 (29 days ago)
|
CVE-2025-47733 |
Description: Server-Side Request Forgery (SSRF) in Microsoft Power Apps allows an unauthorized attacker to disclose information over a network
CVSS: CRITICAL (9.1) EPSS Score: 0.13%
May 8th, 2025 (30 days ago)
|