The July 2025 Threat Report takes a broad approach, covering some of the top cyber threats from the past month. The Microsoft SharePoint flaw titles “ToolShell” dominated the headlines; see our alert on ToolShell for a detailed analysis. Over 4,000 CVEs were published last month; almost 500 of them were rated Critical, with CVSS over […]
CVE-2025-8088 (CVSS 8.4) is a new high-risk path traversal vulnerability [CWE-35] in WinRAR versions 7.12 and below and related components including UnRAR.dll. The flaw allows unauthorized attackers to copy malicious files into sensitive directories, including the Windows Startup folder, where they can be executed. ESET Research reports that active exploitation of CVE-2025-8088 began on July […]
On Saturday, July 19th, flaws in Microsoft SharePoint Server became the subject of emergency cybersecurity alerts worldwide. Four CVEs are involved and collectively dubbed “ToolShell”; two published in early July already had patches available, but after being bypassed, two new CVEs were issued. The flaws can allow unauthenticated remote code execution (RCE) at the Windows […]
The 2025 IOCTA report from Europol warns that demand for data on the cybercrime underground is surging. How much data has been stolen exactly? Determining exact numbers is impossible. However, the personal information of 190 million individuals including Social Security Numbers (SSN), was stolen from Change Healthcare in a single breach. That’s more than half […]
A fresh vulnerability, CVE-2025-25257 (CVSS 9.6) in Fortinet’s FortiWeb Fabric Connector presents high risk globally. Although the CVE is still only in RESERVED status as of July 14th, 2025, it has already received a national CERT advisory from Belgium’s CERT.be and the Center for Internet Security (CIS) has also issued an alert. More alerts should […]
In 2025, IT security teams are overwhelmed with a deluge of new security risks. The need to prioritize vulnerability remediation is an ongoing theme among IT security and risk analysts. In a haystack of tasks, finding the needles is imperative. Factors compounding this problem include a cybersecurity talent shortage, novel attack techniques, and the increasing […]
May 2025 was a volcanic month for cybersecurity news, including several large breaches and new critical severity vulnerabilities. The Greenbone blog has already covered some major events, such as new actively exploited vulnerabilities in SAP Netweaver, Commvault Command Center and Ivanti EPMM. In total 4,014 new vulnerabilities were added to MITRE’s CVE (Common Vulnerabilities and […]
Just last month, CVE-2025-22457 (CVSS 9.8) affecting Ivanti Connect Secure, Policy Secure, and ZTA Gateways was recognized as a vector for ransomware. Now, two new CVEs have been added to the growing list of high-risk Ivanti vulnerabilities; CVE-2025-4427 and CVE-2025-4428 affecting Ivanti EPMM (Endpoint and Patch Management Mobile) are under active exploitation. Greenbone includes active […]
CVE-2025-31324 (CVSS 9.8), published on April 24th 2025, allows unauthenticated attackers to upload executable files [CWE-434] via the NetWeaver Visual Composer component which can result in Remote Code Execution (RCE). The CVE presents a high degree of risk; many publicly available proof-of-concept (PoC) exploits [1][2][3][4][5] are available, and active attack campaigns have been alerted by […]
In the early days of digital, hacking was often fame or prank driven. Fast forward to 2025; hacking has been widely monetized for illicit gains. Cybercrime is predicted to cost the global economy 10.5 trillion Dollar in 2025. Globally, the trend of increasing geocriminality is pushing individual countries and entire economic regions [1][2] to make […]
