Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
Brit soldiers tune radio waves to fry drone swarms for pennies
Source: TheRegister
April 17th, 2025 (5 days ago)
New Windows Server emergency updates fix container launch issue
Description: Microsoft has released emergency Windows Server updates to address a known issue preventing Windows containers from launching. [...]
Source: BleepingComputer
April 17th, 2025 (5 days ago)

CVE-2025-2197
Type Confusion Vulnerability in Browser
Description: Browser is affected by type confusion vulnerability, successful exploitation of this vulnerability may affect service availability.

CVSS: MEDIUM (4.3)

EPSS Score: 0.03%

Source: CVE
April 17th, 2025 (5 days ago)

CVE-2025-2188
Whitelist bypass Vulnerability in GameCenter
Description: There is a whitelist mechanism bypass in GameCenter ,successful exploitation of this vulnerability may affect service confidentiality and integrity.

CVSS: HIGH (8.1)

EPSS Score: 0.03%

Source: CVE
April 17th, 2025 (5 days ago)

CVE-2025-1532
Code Injection Vulnerability in Phoneservice
Description: Phoneservice module is affected by code injection vulnerability, successful exploitation of this vulnerability may affect service confidentiality and integrity.

CVSS: HIGH (8.1)

EPSS Score: 0.03%

Source: CVE
April 17th, 2025 (5 days ago)
Node.js Malware Campaign Targets Crypto Users with Fake Binance and TradingView Installers
Description: Microsoft is calling attention to an ongoing malvertising campaign that makes use of Node.js to deliver malicious payloads capable of information theft and data exfiltration. The activity, first detected in October 2024, uses lures related to cryptocurrency trading to trick users into installing a rogue installer from fraudulent websites that masquerade as legitimate software like Binance or
Source: TheHackerNews
April 17th, 2025 (5 days ago)
Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution
Description: A critical security vulnerability has been disclosed in the Erlang/Open Telecom Platform (OTP) SSH implementation that could permit an attacker to execute arbitrary code sans any authentication under certain conditions. The vulnerability, tracked as CVE-2025-32433, has been given the maximum CVSS score of 10.0. "The vulnerability allows an attacker with network access to an Erlang/OTP SSH

CVSS: CRITICAL (10.0)

EPSS Score: 0.67%

Source: TheHackerNews
April 17th, 2025 (5 days ago)
This ‘College Protester’ Isn’t Real. It’s an AI-Powered Undercover Bot for Cops
Description: Massive Blue is helping cops deploy AI-powered social media bots to talk to people they suspect are anything from violent sex criminals all the way to vaguely defined “protesters.”
Source: 404 Media
April 17th, 2025 (5 days ago)
🏴‍☠️ Qilin has just published a new victim : bertie.k12.nc.us
Description: Bertie County Public Schools is committed to ensuring that every child in our community receives the best possible education. We are dedicated to nurturing and supporting our students from Pre-K to 12th grade, providing them with the resource ...
Source: Ransomware.live
April 17th, 2025 (5 days ago)
CISA tags SonicWall VPN flaw as actively exploited in attacks
🚨 Marked as known exploited on April 17th, 2025 (5 days ago).
Description: On Wednesday, CISA warned federal agencies to secure their SonicWall Secure Mobile Access (SMA) 100 series appliances against attacks exploiting a high-severity remote code execution vulnerability. [...]
Source: BleepingComputer
April 17th, 2025 (5 days ago)