Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-29817
Microsoft Power Automate Desktop Information Disclosure Vulnerability
Description: Uncontrolled search path element in Power Automate allows an authorized attacker to disclose information over a network.

CVSS: MEDIUM (5.7)

EPSS Score: 0.11%

Source: CVE
April 15th, 2025 (2 days ago)
Microsoft blocks ActiveX by default in Microsoft 365, Office 2024
Description: Microsoft announced it will begin disabling all ActiveX controls in Windows versions of Microsoft 365 and Office 2024 applications later this month. [...]
Source: BleepingComputer
April 15th, 2025 (2 days ago)
Microsoft: Exchange 2016 and 2019 reach end of support in six months
Description: ​Microsoft warned that Exchange 2016 and Exchange 2019 will reach the end of support six months from now, on October 14. [...]
Source: BleepingComputer
April 15th, 2025 (2 days ago)
Microsoft warns of CPU spikes when typing in classic Outlook
Description: Microsoft warned Windows users of increased CPU usage when typing while using recent versions of the classic Outlook email client. [...]
Source: BleepingComputer
April 15th, 2025 (2 days ago)
ActiveX blocked by default in Microsoft 365 because remote code execution is bad, OK?
Source: TheRegister
April 15th, 2025 (2 days ago)
Microsoft tells Windows users to ignore 0x80070643 WinRE errors
Description: Microsoft says some users might see 0x80070643 installation failures when trying to deploy the April 2025 Windows Recovery Environment (WinRE) updates. [...]
Source: BleepingComputer
April 14th, 2025 (3 days ago)
Microsoft: New emergency Windows updates fix AD policy issues
Description: Microsoft has released emergency Windows updates to address a known issue affecting local audit logon policies in Active Directory Group Policy. [...]
Source: BleepingComputer
April 14th, 2025 (3 days ago)
OpenAI's GPT-4.1, 4.1 nano, and 4.1 mini models release imminent
Description: According to references spotted on OpenAI's website, the Microsoft-backed AI startup is planning to launch five new models this week, including GPT-4.1, 4.1 nano, and 4.1 mini. [...]
Source: BleepingComputer
April 14th, 2025 (3 days ago)
Microsoft: Windows Server 2025 restarts break connectivity on some DCs
Description: Microsoft warned IT admins that some Windows Server 2025 domain controllers might become inaccessible after a restart, causing apps and services to fail or remain unreachable. [...]
Source: BleepingComputer
April 14th, 2025 (3 days ago)
Tycoon2FA phishing kit targets Microsoft 365 with new tricks
Description: Phishing-as-a-service (PhaaS) platform Tycoon2FA, known for bypassing multi-factor authentication on Microsoft 365 and Gmail accounts, has received updates that improve its stealth and evasion capabilities. [...]
Source: BleepingComputer
April 12th, 2025 (5 days ago)