Description: American cybersecurity company SentinelOne revealed over the weekend that a software flaw triggered a seven-hour-long outage on Thursday. [...]
June 2nd, 2025 (about 6 hours ago)
Description: Spyware maker NSO Group asked a federal judge to reduce the damages it owes to WhatsApp in a case involving 1,400 infected phones, or set up a new trial.
June 2nd, 2025 (about 7 hours ago)
🚨 Marked as known exploited on June 2nd, 2025 (about 7 hours ago).
Description: Frequently asked questions about “BadSuccessor,” a zero-day privilege escalation vulnerability in Active Directory domains with at least one Windows Server 2025 domain controller.

Background

Tenable’s Research Special Operations (RSO) and the Identity Content team have compiled this blog to answer Frequently Asked Questions (FAQ) regarding a newly disclosed zero-day in Active Directory called BadSuccessor.

FAQ

What is BadSuccessor?

BadSuccessor is the name of a zero-day privilege escalation vulnerability in Active Directory that was discovered and disclosed by Yuval Gordon, a security researcher at Akamai.

According to Gordon, the flaw exists in delegated Managed Service Accounts (dMSAs), a service account type in Active Directory (AD) that was introduced in Windows Server 2025 to enable the migration of non-managed service accounts.

What are the vulnerabilities associated with BadSuccessor?

As of June 2, Microsoft had not assigned a CVE identifier for BadSuccessor. Microsoft is the CVE Numbering Authority (CNA) for its products. Since there are currently no patches available for BadSuccessor, no CVE has been assigned. If Microsoft does assign a CVE alongside patches for it, we will update this blog accordingly.

How is BadSuccessor exploited?

To exploit BadSuccessor, an attacker needs to be able to access a user account with specific permissions in AD, and at least one domain controller in the domain needs to be running Windows Server 2025.

Based on Akamai’s research, even if an AD do...
June 2nd, 2025 (about 7 hours ago)
Description: A new campaign redirects users from gaming sites, social media, and even sponsored ads to fake Booking.com websites designed to infect devices with the dangerous AsyncRAT malware. First spotted by Malwarebytes in mid-May, the campaign exploits travelers searching for hotel deals, using deceptive tactics like fake CAPTCHA forms and clipboard hijacking to convince victims to …
The post Fake Booking.com Sites Trick Visitors Into Installing AsyncRAT Malware appeared first on CyberInsider.
June 2nd, 2025 (about 7 hours ago)
Description: Google says it will no longer trust root CA certificates signed by Chunghwa Telecom and Netlock in the Chrome Root Store due to a pattern of compliance failures and failure to make improvements. [...]
June 2nd, 2025 (about 7 hours ago)
CVE-2021-32030
Description: ASUS Lyra Mini and ASUS GT-AC2900 devices contain an improper authentication vulnerability that allows an attacker to gain unauthorized access to the administrative interface. The impacted products could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.
CVSS: CRITICAL (9.8)
June 2nd, 2025 (about 7 hours ago)
CVE-2025-5036
Description: A maliciously crafted RFA file, when linked or imported into Autodesk Revit, can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
CVSS: HIGH (7.8)
June 2nd, 2025 (about 7 hours ago)
CVE-2025-48995
Description: SignXML is an implementation of the W3C XML Signature standard in Python. When verifying signatures with X509 certificate validation turned off and HMAC shared secret set (`signxml.XMLVerifier.verify(require_x509=False, hmac_key=...`), versions of SignXML prior to 4.0.4 are vulnerable to a potential timing attack. The verifier may leak information about the correct HMAC when comparing it with the user supplied hash, allowing users to reconstruct the correct HMAC for any data.
CVSS: MEDIUM (6.9) SSVC Exploitation: none
June 2nd, 2025 (about 7 hours ago)
CVE-2025-48994
Description: SignXML is an implementation of the W3C XML Signature standard in Python. When verifying signatures with X509 certificate validation turned off and HMAC shared secret set (`signxml.XMLVerifier.verify(require_x509=False, hmac_key=...`), versions of SignXML prior to 4.0.4 are vulnerable to a potential algorithm confusion attack. Unless the user explicitly limits the expected signature algorithms using the `signxml.XMLVerifier.verify(expect_config=...)` setting, an attacker may supply a signature unexpectedly signed with a key other than the provided HMAC key, using a different (asymmetric key) signature algorithm. Starting with SignXML 4.0.4, specifying `hmac_key` causes the set of accepted signature algorithms to be restricted to HMAC only, if not already restricted by the user.
CVSS: MEDIUM (6.9) SSVC Exploitation: none
June 2nd, 2025 (about 7 hours ago)
CVE-2024-8008
Description: A reflected cross-site scripting (XSS) vulnerability exists in multiple [Vendor Name] products due to insufficient output encoding in error messages generated by the JDBC user store connection validation request. A malicious actor can inject a specially crafted payload into the request, causing the browser to execute arbitrary JavaScript in the context of the vulnerable page.
This vulnerability may allow UI manipulation, redirection to malicious websites, or data exfiltration from the browser. However, since all session-related sensitive cookies are protected with the httpOnly flag, session hijacking is not possible.
CVSS: MEDIUM (5.2)
June 2nd, 2025 (about 7 hours ago)