Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-26643	Microsoft Edge (Chromium-based) Spoofing Vulnerability Description: No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. CVSS: MEDIUM (5.4) EPSS Score: 0.07% SSVC Exploitation: none Source: CVE March 7th, 2025 (about 1 month ago)
	Cybercrime's Cobalt Strike Use Plummets 80% Worldwide Description: Fortra, Microsoft, and Health-ISAC have combined forces to claw back one of hackers' most prized attack tools, with massive takedowns. Source: Dark Reading March 7th, 2025 (about 1 month ago)
CVE-2025-24043	[dotnet-sos] Microsoft Security Advisory CVE-2025-24043 \| WinDbg Remote Code Execution Vulnerability Description: Microsoft Security Advisory CVE-2025-24043 \| WinDbg Remote Code Execution Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in WinDbg. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. Improper verification of cryptographic signature in SOS allows an authorized attacker to execute code over a network resulting in Remote Code Execution. Announcement Announcement for this issue can be found at https://github.com/dotnet/announcements/issues/346 Mitigation factors Microsoft has not identified any mitigating factors for this vulnerability. Affected Packages The vulnerability affects any Microsoft .NET Core project if it uses any of affected packages versions listed below WinDbg WinDbg Package name Affected version Patched version dotnet-sos < 9.0.607501 9.0.607501 dotnet-dump < 9.0.557512 9.0.607501 dotnet-debugger-extensions 9.0.557512 9.0.607601 Advisory FAQ How do I know if I am affected? If you you are using the affected version listed in affected packages, you're exposed to the vulnerability. How do I fix the issue? To fix the issue please install the latest version of WinDbg. If your application references the vulnerable package, update the package reference to the patched version. Other Information Reporting Security Issues If you have found a potential security issue, please email details to [email protected].... EPSS Score: 0.03% Source: Github Advisory Database (Nuget) March 7th, 2025 (about 1 month ago)
CVE-2025-24043	[dotnet-dump] Microsoft Security Advisory CVE-2025-24043 \| WinDbg Remote Code Execution Vulnerability Description: Microsoft Security Advisory CVE-2025-24043 \| WinDbg Remote Code Execution Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in WinDbg. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. Improper verification of cryptographic signature in SOS allows an authorized attacker to execute code over a network resulting in Remote Code Execution. Announcement Announcement for this issue can be found at https://github.com/dotnet/announcements/issues/346 Mitigation factors Microsoft has not identified any mitigating factors for this vulnerability. Affected Packages The vulnerability affects any Microsoft .NET Core project if it uses any of affected packages versions listed below WinDbg WinDbg Package name Affected version Patched version dotnet-sos < 9.0.607501 9.0.607501 dotnet-dump < 9.0.557512 9.0.607501 dotnet-debugger-extensions 9.0.557512 9.0.607601 Advisory FAQ How do I know if I am affected? If you you are using the affected version listed in affected packages, you're exposed to the vulnerability. How do I fix the issue? To fix the issue please install the latest version of WinDbg. If your application references the vulnerable package, update the package reference to the patched version. Other Information Reporting Security Issues If you have found a potential security issue, please email details to [email protected].... EPSS Score: 0.03% Source: Github Advisory Database (Nuget) March 7th, 2025 (about 1 month ago)
CVE-2025-24043	[dotnet-debugger-extensions] Microsoft Security Advisory CVE-2025-24043 \| WinDbg Remote Code Execution Vulnerability Description: Microsoft Security Advisory CVE-2025-24043 \| WinDbg Remote Code Execution Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in WinDbg. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. Improper verification of cryptographic signature in SOS allows an authorized attacker to execute code over a network resulting in Remote Code Execution. Announcement Announcement for this issue can be found at https://github.com/dotnet/announcements/issues/346 Mitigation factors Microsoft has not identified any mitigating factors for this vulnerability. Affected Packages The vulnerability affects any Microsoft .NET Core project if it uses any of affected packages versions listed below WinDbg WinDbg Package name Affected version Patched version dotnet-sos < 9.0.607501 9.0.607501 dotnet-dump < 9.0.557512 9.0.607501 dotnet-debugger-extensions 9.0.557512 9.0.607601 Advisory FAQ How do I know if I am affected? If you you are using the affected version listed in affected packages, you're exposed to the vulnerability. How do I fix the issue? To fix the issue please install the latest version of WinDbg. If your application references the vulnerable package, update the package reference to the patched version. Other Information Reporting Security Issues If you have found a potential security issue, please email details to [email protected].... EPSS Score: 0.03% Source: Github Advisory Database (Nuget) March 7th, 2025 (about 1 month ago)
	Microsoft Warns of Malvertising Campaign Infecting Over 1 Million Devices Worldwide Description: Microsoft has disclosed details of a large-scale malvertising campaign that's estimated to have impacted over one million devices globally as part of what it said is an opportunistic attack designed to steal sensitive information. The tech giant, which detected the activity in early December 2024, is tracking it under the broader umbrella Storm-0408, a moniker used for a set of threat actors Source: TheHackerNews March 7th, 2025 (about 1 month ago)
	Microsoft Says GitHub-Boosted Malware Campaign Infected 1 Million Devices Description: Microsoft has uncovered a large-scale malvertising campaign that compromised nearly one million devices worldwide, distributing information-stealing malware via GitHub. The attack, detected in early December 2024, originated from illegal streaming websites that redirected users through multiple malicious domains before delivering payloads hosted on GitHub, Dropbox, and Discord. Microsoft Threat Intelligence began tracking this campaign in … The post Microsoft Says GitHub-Boosted Malware Campaign Infected 1 Million Devices appeared first on CyberInsider. Source: CyberInsider March 7th, 2025 (about 1 month ago)
	Microsoft: North Korean hackers join Qilin ransomware gang Description: Microsoft says a North Korean hacking group tracked as Moonstone Sleet has deployed Qilin ransomware payloads in a limited number of attacks. [...] Source: BleepingComputer March 7th, 2025 (about 1 month ago)
CVE-2024-57972	A vulnerability in the pairing request method in Microsoft HoloLens 1 and 2 - Windows Holographic 10.0.17763.3046 through 10.0.22621.1244 allows... Description: A vulnerability in the pairing request method in Microsoft HoloLens 1 and 2 - Windows Holographic 10.0.17763.3046 through 10.0.22621.1244 allows remote attackers to cause a Denial of Service via the Device Portal framework. EPSS Score: 2.28% Source: CVE March 6th, 2025 (about 1 month ago)
	Microsoft says malvertising campaign impacted 1 million PCs Description: Microsoft has taken down an undisclosed number of GitHub repositories used in a massive malvertising campaign that impacted almost one million devices worldwide. [...] Source: BleepingComputer March 6th, 2025 (about 1 month ago)