Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: An unpatched security flaw impacting Microsoft Windows has been exploited by 11 state-sponsored groups from China, Iran, North Korea, and Russia as part of data theft, espionage, and financially motivated campaigns that date back to 2017.
The zero-day vulnerability, tracked by Trend Micro's Zero Day Initiative (ZDI) as ZDI-CAN-25373, refers to an issue that allows bad actors to execute hidden
March 18th, 2025 (about 1 month ago)
|
|
Description: In a rare move, China's state security ministry released the names and photos of four alleged hackers within Taiwan's defense ministry.
March 18th, 2025 (about 1 month ago)
|
|
Description: Threat hunters have shed more light on a previously disclosed malware campaign undertaken by the China-aligned MirrorFace threat actor that targeted a diplomatic organization in the European Union with a backdoor known as ANEL.
The attack, detected by ESET in late August 2024, singled out a Central European diplomatic institute with lures related to Word Expo, which is scheduled to kick off in
March 18th, 2025 (about 1 month ago)
|
CVE-2025-2398 |
Description: A vulnerability was found in China Mobile P22g-CIac, ZXWT-MIG-P4G4V, ZXWT-MIG-P8G8V, GT3200-4G4P and GT3200-8G8P up to 20250305. It has been rated as critical. This issue affects some unknown processing of the component CLI su Command Handler. The manipulation leads to use of default credentials. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Eine Schwachstelle wurde in China Mobile P22g-CIac, ZXWT-MIG-P4G4V, ZXWT-MIG-P8G8V, GT3200-4G4P and GT3200-8G8P bis 20250305 ausgemacht. Sie wurde als kritisch eingestuft. Dies betrifft einen unbekannten Teil der Komponente CLI su Command Handler. Durch Manipulation mit unbekannten Daten kann eine use of default credentials-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung.
CVSS: HIGH (8.6) EPSS Score: 0.06%
March 17th, 2025 (about 1 month ago)
|
|
CVE-2025-2397 |
Description: A vulnerability was found in China Mobile P22g-CIac, ZXWT-MIG-P4G4V, ZXWT-MIG-P8G8V, GT3200-4G4P and GT3200-8G8P up to 20250305. It has been declared as problematic. This vulnerability affects unknown code of the component Telnet Service. The manipulation leads to improper authorization. The attack can only be initiated within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. In China Mobile P22g-CIac, ZXWT-MIG-P4G4V, ZXWT-MIG-P8G8V, GT3200-4G4P and GT3200-8G8P bis 20250305 wurde eine Schwachstelle ausgemacht. Sie wurde als problematisch eingestuft. Das betrifft eine unbekannte Funktionalität der Komponente Telnet Service. Durch die Manipulation mit unbekannten Daten kann eine improper authorization-Schwachstelle ausgenutzt werden. Der Angriff kann im lokalen Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung.
CVSS: MEDIUM (4.8) EPSS Score: 0.03%
March 17th, 2025 (about 1 month ago)
|
|
Description: TwoNet Targeted the Website of HM Sanchinarro
March 17th, 2025 (about 1 month ago)
|
|
March 16th, 2025 (about 1 month ago)
|
|
Description: Threat Actor "Digileak" Allegedly Selling Admin Access to a Medical Task Management Dashboard in China
March 14th, 2025 (about 1 month ago)
|
|
Description: Researchers said the state-backed group dubbed UNC3886 was behind a campaign to deploy custom backdoors on the company’s Junos OS routers.
March 13th, 2025 (about 1 month ago)
|
|
Description: Mandiant researchers found the routers of several unnamed organizations (likely telcos and ISPs) were hacked by UNC3886, and contained a custom backdoor called "TinyShell."
March 12th, 2025 (about 1 month ago)
|