The August 2025 Threat Report underscores how quickly high-risk vulnerabilities can shift from disclosure to active exploitation. Citrix, Fortinet, N-able, and Trend Micro flaws were weaponized within days. Other critical flaws in highly targeted software, such as Microsoft Exchange, emerged. Mainstream enterprise applications, such as Docker Desktop, Git, and Zoom, were also exposed to new […]
CVE-2025-57819 (CVSS 9.8) is a new maximum severity CVE affecting FreePBX versions 15, 16, and 17 if the commercial EndPoint Management (EPM) module is installed. Private Branch Exchange (PBX) is a telephony technology for routing voice calls, and often includes additional services, such as voicemail. CVE-2025-57819 is caused by insufficiently sanitised user input, resulting in […]
The July 2025 Threat Report takes a broad approach, covering some of the top cyber threats from the past month. The Microsoft SharePoint flaw titles “ToolShell” dominated the headlines; see our alert on ToolShell for a detailed analysis. Over 4,000 CVEs were published last month; almost 500 of them were rated Critical, with CVSS over […]
CVE-2025-8088 (CVSS 8.4) is a new high-risk path traversal vulnerability [CWE-35] in WinRAR versions 7.12 and below and related components including UnRAR.dll. The flaw allows unauthorized attackers to copy malicious files into sensitive directories, including the Windows Startup folder, where they can be executed. ESET Research reports that active exploitation of CVE-2025-8088 began on July […]
On Saturday, July 19th, flaws in Microsoft SharePoint Server became the subject of emergency cybersecurity alerts worldwide. Four CVEs are involved and collectively dubbed “ToolShell”; two published in early July already had patches available, but after being bypassed, two new CVEs were issued. The flaws can allow unauthenticated remote code execution (RCE) at the Windows […]
The 2025 IOCTA report from Europol warns that demand for data on the cybercrime underground is surging. How much data has been stolen exactly? Determining exact numbers is impossible. However, the personal information of 190 million individuals including Social Security Numbers (SSN), was stolen from Change Healthcare in a single breach. That’s more than half […]
A fresh vulnerability, CVE-2025-25257 (CVSS 9.6) in Fortinet’s FortiWeb Fabric Connector presents high risk globally. Although the CVE is still only in RESERVED status as of July 14th, 2025, it has already received a national CERT advisory from Belgium’s CERT.be and the Center for Internet Security (CIS) has also issued an alert. More alerts should […]
In 2025, IT security teams are overwhelmed with a deluge of new security risks. The need to prioritize vulnerability remediation is an ongoing theme among IT security and risk analysts. In a haystack of tasks, finding the needles is imperative. Factors compounding this problem include a cybersecurity talent shortage, novel attack techniques, and the increasing […]
May 2025 was a volcanic month for cybersecurity news, including several large breaches and new critical severity vulnerabilities. The Greenbone blog has already covered some major events, such as new actively exploited vulnerabilities in SAP Netweaver, Commvault Command Center and Ivanti EPMM. In total 4,014 new vulnerabilities were added to MITRE’s CVE (Common Vulnerabilities and […]
Just last month, CVE-2025-22457 (CVSS 9.8) affecting Ivanti Connect Secure, Policy Secure, and ZTA Gateways was recognized as a vector for ransomware. Now, two new CVEs have been added to the growing list of high-risk Ivanti vulnerabilities; CVE-2025-4427 and CVE-2025-4428 affecting Ivanti EPMM (Endpoint and Patch Management Mobile) are under active exploitation. Greenbone includes active […]
