Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws
Description: Today is Microsoft's January 2025 Patch Tuesday, which includes security updates for 159 flaws, including eight zero-day vulnerabilities, with three actively exploited in attacks. [...]
Source: BleepingComputer
January 14th, 2025 (3 months ago)
Windows 11 KB5050009 & KB5050021 cumulative updates released
Description: Microsoft has released the Windows 11 KB5050009 and KB5050021 cumulative updates for versions 24H2 and 23H2 to fix security vulnerabilities and issues. [...]
Source: BleepingComputer
January 14th, 2025 (3 months ago)

CVE-2024-44243
Microsoft Uncovers macOS Vulnerability CVE-2024-44243 Allowing Rootkit Installation
Description: Microsoft has shed light on a now-patched security flaw impacting Apple macOS that, if successfully exploited, could have allowed an attacker running as "root" to bypass the operating system's System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions. The vulnerability in question is CVE-2024-44243 (CVSS score: 5.5), a medium-severity bug

EPSS Score: 0.05%

Source: TheHackerNews
January 14th, 2025 (3 months ago)
Hackers use FastHTTP in new high-speed Microsoft 365 password attacks
Description: Threat actors are utilizing the FastHTTP Go library to launch high-speed brute-force password attacks targeting Microsoft 365 accounts globally. [...]
Source: BleepingComputer
January 14th, 2025 (3 months ago)
Microsoft 365 apps crash on Windows Server after Office update
Description: ​Microsoft says a known issue is causing Classic Outlook and Microsoft 365 applications to crash on Windows Server 2016 or Windows Server 2019 systems. [...]
Source: BleepingComputer
January 14th, 2025 (3 months ago)
Microsoft Cracks Down on Malicious Copilot AI Use
Description: According to the tech giant, it has observed a threat group seeking out vulnerable customer accounts using generative AI, then creating tools to abuse these services.
Source: Dark Reading
January 13th, 2025 (3 months ago)
Microsoft sues 'foreign-based' criminals, seizes sites used to abuse AI
Source: TheRegister
January 13th, 2025 (3 months ago)
Microsoft: macOS bug lets hackers install malicious kernel drivers
Description: Apple recently addressed a macOS vulnerability that allows attackers to bypass System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions. [...]
Source: BleepingComputer
January 13th, 2025 (3 months ago)
Microsoft MFA outage blocking access to Microsoft 365 apps
Description: ​Microsoft is investigating an ongoing Multi-Factor Authentication (MFA) outage that is blocking customers from accessing Microsoft 365 Office apps. [...]
Source: BleepingComputer
January 13th, 2025 (3 months ago)

CVE-2024-42179
HCL MyXalytics is affected by sensitive information disclosure vulnerability
Description: HCL MyXalytics is affected by sensitive information disclosure vulnerability. The HTTP response header exposes the Microsoft-HTTP API∕2.0 as the server's name & version.

CVSS: LOW (2.0)

EPSS Score: 0.04%

Source: CVE
January 13th, 2025 (3 months ago)