Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-32726
Visual Studio Code Elevation of Privilege Vulnerability
Description: Improper access control in Visual Studio Code allows an authorized attacker to elevate privileges locally.

CVSS: MEDIUM (6.8)

EPSS Score: 0.04%

Source: CVE
April 12th, 2025 (6 days ago)

CVE-2025-29834
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Description: Out-of-bounds read in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVSS: HIGH (7.5)

EPSS Score: 0.07%

Source: CVE
April 12th, 2025 (6 days ago)

CVE-2025-29803
Visual Studio Tools for Applications and SQL Server Management Studio Elevation of Privilege Vulnerability
Description: Uncontrolled search path element in Visual Studio Tools for Applications and SQL Server Management Studio allows an authorized attacker to elevate privileges locally.

CVSS: HIGH (7.3)

EPSS Score: 0.05%

Source: CVE
April 12th, 2025 (6 days ago)
Microsoft total recalls Recall totally to Copilot+ PCs
Source: TheRegister
April 11th, 2025 (6 days ago)
Microsoft Defender will isolate undiscovered endpoints to block attacks
Description: Microsoft is testing a new Defender for Endpoint capability that will block traffic to and from undiscovered endpoints to thwart attackers' lateral network movement attempts. [...]
Source: BleepingComputer
April 11th, 2025 (6 days ago)
Microsoft starts final Windows Recall testing before rollout
Description: ​Microsoft is gradually rolling out the AI-powered Windows Recall feature to Insiders in the Release Preview channel before making it generally available to all Windows users with Copilot+ PCs. [...]
Source: BleepingComputer
April 11th, 2025 (6 days ago)
Novel Microsoft Teams Attack Employs Unseen Malware Persistence Method
Description: ReliaQuest uncovered a sophisticated malware campaign that begins with Microsoft Teams phishing and escalates into a rare persistence technique involving Type Library (TypeLib) hijacking — a method never previously seen in the wild. The campaign also delivered a newly discovered PowerShell backdoor, targeting finance and professional services sectors with high precision. The investigation was initiated … The post Novel Microsoft Teams Attack Employs Unseen Malware Persistence Method appeared first on CyberInsider.
Source: CyberInsider
April 11th, 2025 (6 days ago)
Microsoft: Windows 'inetpub' folder created by security fix, don’t delete
Description: Microsoft has now confirmed that an April 2025 Windows security update is creating a new empty "inetpub" folder and warned users not to delete it. [...]
Source: BleepingComputer
April 11th, 2025 (6 days ago)
Microsoft Edge is now up to 9% faster
Description: The Chromium-based Microsoft Edge has seen up to 9% performance improvements following the release of version 134. [...]
Source: BleepingComputer
April 11th, 2025 (6 days ago)
Microsoft: Licensing issue blocks Microsoft 365 Family for some users
Description: Microsoft is investigating a potential licensing issue blocking access to Microsoft 365 services for some customers with Family subscriptions. [...]
Source: BleepingComputer
April 10th, 2025 (7 days ago)