Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: A threat actor has gained access to Microsoft 365 environments of a small number of customers of Commvault's Metallic service.
May 27th, 2025 (9 days ago)
|
|
Description: Recent attacks on institutions in the Netherlands were the work of a previously unknown Russian hacking group that Dutch intelligence agencies are labeling Laundry Bear. Microsoft also reported on the group, naming it Void Blizzard.
May 27th, 2025 (10 days ago)
|
|
Description: Microsoft has shed light on a previously undocumented cluster of threat activity originating from a Russia-affiliated threat actor dubbed Void Blizzard (aka Laundry Bear) that it said is attributed to "worldwide cloud abuse."
Active since at least April 2024, the hacking group is linked to espionage operations mainly targeting organizations that are important to Russian government objectives,
May 27th, 2025 (10 days ago)
|
|
Description: Microsoft has released an emergency update to address a known issue causing some Hyper-V virtual machines with Windows Server 2022 to freeze or restart unexpectedly. [...]
May 27th, 2025 (10 days ago)
|
|
Description: Microsoft Windows Server 2016 - Win32k Elevation of Privilege
May 25th, 2025 (12 days ago)
|
CVE-2025-48378 |
Description: DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Prior to version 9.13.9, uploaded SVG files could contain scripts and if rendered inline those scripts could run allowing XSS attacks. Version 9.13.9 fixes the issue.
CVSS: MEDIUM (6.1) EPSS Score: 0.05%
May 23rd, 2025 (13 days ago)
|
|
CVE-2025-48377 |
Description: DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Prior to version 9.13.9, a specially crafted URL may be constructed which can inject an XSS payload that is triggered by using some module actions. Version 9.13.9 fixes the issue.
CVSS: MEDIUM (6.0) EPSS Score: 0.05% SSVC Exploitation: none
May 23rd, 2025 (13 days ago)
|
|
CVE-2025-48376 |
Description: DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Prior to version 9.13.9, a malicious SuperUser (Host) could craft a request to use an external url for a site export to then be imported. Version 9.13.9 fixes the issue.
CVSS: LOW (3.5) EPSS Score: 0.03% SSVC Exploitation: none
May 23rd, 2025 (13 days ago)
|
|
Description: Microsoft has rolled out a new wave of AI-powered features to its core Windows 11 applications, Paint, Snipping Tool, and Notepad, available now to Windows Insiders in the Canary and Dev channels. These upgrades, exclusive to Copilot+ PCs running Windows 11, aim to boost creativity, precision, and productivity by integrating generative AI and intelligent automation …
The post Microsoft Introduces New AI Features to Paint and Notepad in Windows 11 appeared first on CyberInsider.
May 23rd, 2025 (14 days ago)
|
|
Description: Microsoft is testing a new AI-powered text generation feature in Notepad that can let Windows Insiders create content based on custom prompts. [...]
May 23rd, 2025 (14 days ago)
|