Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-2188
Whitelist bypass Vulnerability in GameCenter
Description: There is a whitelist mechanism bypass in GameCenter ,successful exploitation of this vulnerability may affect service confidentiality and integrity.

CVSS: HIGH (8.1)

EPSS Score: 0.03%

Source: CVE
April 17th, 2025 (4 days ago)

CVE-2025-1532
Code Injection Vulnerability in Phoneservice
Description: Phoneservice module is affected by code injection vulnerability, successful exploitation of this vulnerability may affect service confidentiality and integrity.

CVSS: HIGH (8.1)

EPSS Score: 0.03%

Source: CVE
April 17th, 2025 (4 days ago)
Node.js Malware Campaign Targets Crypto Users with Fake Binance and TradingView Installers
Description: Microsoft is calling attention to an ongoing malvertising campaign that makes use of Node.js to deliver malicious payloads capable of information theft and data exfiltration. The activity, first detected in October 2024, uses lures related to cryptocurrency trading to trick users into installing a rogue installer from fraudulent websites that masquerade as legitimate software like Binance or
Source: TheHackerNews
April 17th, 2025 (4 days ago)
Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution
Description: A critical security vulnerability has been disclosed in the Erlang/Open Telecom Platform (OTP) SSH implementation that could permit an attacker to execute arbitrary code sans any authentication under certain conditions. The vulnerability, tracked as CVE-2025-32433, has been given the maximum CVSS score of 10.0. "The vulnerability allows an attacker with network access to an Erlang/OTP SSH

CVSS: CRITICAL (10.0)

EPSS Score: 0.67%

Source: TheHackerNews
April 17th, 2025 (4 days ago)
This ‘College Protester’ Isn’t Real. It’s an AI-Powered Undercover Bot for Cops
Description: Massive Blue is helping cops deploy AI-powered social media bots to talk to people they suspect are anything from violent sex criminals all the way to vaguely defined “protesters.”
Source: 404 Media
April 17th, 2025 (4 days ago)
🏴‍☠️ Qilin has just published a new victim : bertie.k12.nc.us
Description: Bertie County Public Schools is committed to ensuring that every child in our community receives the best possible education. We are dedicated to nurturing and supporting our students from Pre-K to 12th grade, providing them with the resource ...
Source: Ransomware.live
April 17th, 2025 (4 days ago)
CISA tags SonicWall VPN flaw as actively exploited in attacks
🚨 Marked as known exploited on April 17th, 2025 (4 days ago).
Description: On Wednesday, CISA warned federal agencies to secure their SonicWall Secure Mobile Access (SMA) 100 series appliances against attacks exploiting a high-severity remote code execution vulnerability. [...]
Source: BleepingComputer
April 17th, 2025 (4 days ago)
Apple Fixes Two New Zero-Day Flaws Exploited in Targeted iOS Attacks
🚨 Marked as known exploited on April 17th, 2025 (4 days ago).
Description: Apple has released emergency security updates for iOS, iPadOS, and macOS to patch two zero-day vulnerabilities that are reportedly being actively exploited in sophisticated, targeted attacks. The two newly disclosed flaws are tracked as CVE-2025-31200 and CVE-2025-31201. Both were addressed on April 16, 2025, with the release of iOS 18.4.1, iPadOS 18.4.1, and macOS Sequoia … The post Apple Fixes Two New Zero-Day Flaws Exploited in Targeted iOS Attacks appeared first on CyberInsider.

EPSS Score: 0.41%

Source: CyberInsider
April 17th, 2025 (4 days ago)
🏴‍☠️ Sarcoma has just published a new victim : Ju Percussion Group
Description: Ju Percussion Group To date, the group has played in 33 different countries around the world, and cultivated more than 130,000 percussion learners by means of its instruction system. The growth of the Ju Percussion Group is a reflection of the development of contemporary percussion on the island of Taiwan. In 1986, the Ju Percussion Group met at a hot pot restaurant in Taipei and announced to the world that Taiwan's very first professional percussion band had been born. When the Ju Percussion Group was first established, most people in Taiwan were unfamiliar with its percussion music genre. Thanks to the group's activities, however, the Ju Percussion Group soon became a household name throughout the island. In 1991, the Ju Percussion Group introduced its instruction system, which swept the country with its absorbing and authentic teaching format. At present, there are 30 existing percussion music schools around the worldGeo: Taiwan - Leak size: 1.6 TB Archive - Contains: Files
Source: Ransomware.live
April 17th, 2025 (4 days ago)
🏴‍☠️ Sarcoma has just published a new victim : Manchester Credit Union
Description: Manchester Credit Union Manchester Credit Union offers ethical and affordable financial services, including personal loans and savings opportunities, catering primarily to local residents. The organization emphasizes community involvement, providing members with a share in ownership and earning dividends on their savings. They also offer a mobile app for convenient money management, and various educational initiatives aimed at promoting financial literacy. With over 30,000 members, the credit union is committed to supporting individuals and communities while keeping financial services accessible.Geo: United Kingdom - Leak size: 6 GB Archive - Contains: Files,SQL
Source: Ransomware.live
April 17th, 2025 (4 days ago)