Threat and Vulnerability Intelligence Database

CVE-2025-29824

Description: Microsoft Windows Common Log File System (CLFS) Driver contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally.

EPSS Score: 4.49%

Source: CISA KEV
April 8th, 2025 (2 months ago)
Description: Threat actors have been observed distributing malicious payloads such as cryptocurrency miner and clipper malware via SourceForge, a popular software hosting service, under the guise of cracked versions of legitimate applications like Microsoft Office. "One such project, officepackage, on the main website sourceforge.net, appears harmless enough, containing Microsoft Office add-ins copied from a
Source: TheHackerNews
April 8th, 2025 (2 months ago)

CVE-2024-3661

Description: Nessus Plugin ID 233997 with High Severity

Synopsis: The remote HPE Aruba Networking Virtual Intranet Access (VIA) Client is missing a security update.

Description: The version of HPE Aruba Networking Virtual Intranet Access (VIA) Client running on the remote host is affected by multiple vulnerabilities, as referenced in the hpesbnw04841 advisory.

- DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An attacker on the same local network can read, disrupt, or possibly modify network traffic that was expected to be protected by the VPN. (CVE-2024-3661)
- [Windows only] A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM (root). A successful exploit could allow the creation of a Denial-of-Service (DoS) condition affecting the Microsoft Windows Operating System. This vulnerability does not affect Linux and Android based clients. (CVE-2025-25041)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution: Upgrade to HPE Aruba Networking Virtual Intranet Access (VIA) Client version 4.7.2 or later.

Read more at https://www.tenable.com/plugins/nessus/233997...

CVSS: HIGH (7.6)

Source: Tenable Plugins
April 8th, 2025 (2 months ago)
Description: EncryptHub, a notorious threat actor linked to breaches at 618 organizations, is believed to have reported two Windows zero-day vulnerabilities to Microsoft, revealing a conflicted figure straddling the line between cybercrime and security research. [...]
Source: BleepingComputer
April 7th, 2025 (2 months ago)
Description: Microsoft announced today that, based on customer feedback, it will indefinitely delay removing driver synchronization in Windows Server Update Services (WSUS). [...]
Source: BleepingComputer
April 7th, 2025 (2 months ago)
Description: Nine VSCode extensions on Microsoft's Visual Studio Code Marketplace pose as legitimate development tools while infecting users with the XMRig cryptominer to mine Ethereum and Monero. [...]
Source: BleepingComputer
April 7th, 2025 (2 months ago)
Description: Microsoft has introduced a new Windows 11 24H2 safeguard hold for systems running security or enterprise software using SenseShield Technology's sprotect.sys driver. [...]
Source: BleepingComputer
April 7th, 2025 (2 months ago)

CVE-2024-11859

Description: DLL Search Order Hijacking vulnerability potentially allowed an attacker with administrator privileges to load a malicious dynamic-link library and execute its code.

CVSS: MEDIUM (6.8)

EPSS Score: 0.03%

Source: CVE
April 7th, 2025 (2 months ago)
Description: A likely lone wolf actor behind the EncryptHub persona was acknowledged by Microsoft for discovering and reporting two security flaws in Windows last month, painting a picture of a "conflicted" individual straddling a legitimate career in cybersecurity and pursuing cybercrime. In a new extensive analysis published by Outpost24 KrakenLabs, the Swedish security company unmasked the up-and-coming
Source: TheHackerNews
April 5th, 2025 (2 months ago)

CVE-2025-29796

Description: User interface (UI) misrepresentation of critical information in Microsoft Edge for iOS allows an unauthorized attacker to perform spoofing over a network.

CVSS: MEDIUM (4.7)

EPSS Score: 0.04%

SSVC Exploitation: none

Source: CVE
April 4th, 2025 (2 months ago)