Entries by Joseph Lee

October 2025 Threat Report

Just over 4,100 new CVEs emerged in October 2025, representing new attack surfaces and placing pressure on defenders to identify and patch them. For operational resilience, organizations need to scan their IT infrastructure often and prioritize mitigation efforts. A free trial of Greenbone’s OPENVAS BASIC lets defenders scan their enterprise IT estate and stay on top […]

CVE-2025-64446: A Lurking FortiWeb Vulnerability Proves Critical amid Active Exploitation

Discussion of a new security issue affecting Fortinet’s FortiWeb began circulating online in early October 2025, when cyber deception firm Defused reported capturing a working exploit via honeypot. FortiWeb is Fortinet’s web application firewall (WAF) platform, designed to shield web applications from malicious activity. For over one month, Defused’s revelation mostly lurked in the shadows; […]

September 2025 Threat Report: New Exploits, Active Campaigns, and Critical CVEs

In total, just over 4,500 CVEs were published in September, exposing defenders to new risk. For operational resilience, organizations need to scan their IT infrastructure to identify where hidden risk could impact their operations. A free trial of Greenbone’s OPENVAS BASIC allows defenders to scan their enterprise IT infrastructure to stay on top of emerging […]

ArcaneDoor Espionage Campaign Exploiting High-Risk Cisco ASA and FTD Firewall Flaws

On September 25, 2025, three new CVEs affecting Cisco networking products exploded onto the global cyber security landscape. Two of these were actively exploited as zero-days prior to their disclosure. Greenbone now includes detection tests for all three new high-risk CVEs in the OPENVAS ENTERPRISE FEED. CVE-2025-20333 (CVSS 9.9) and CVE-2025-20362 (CVSS 6.5) affect the […]

CVSS 10 in Fortra GoAnywhere MFT – Patch Now!

CVE-2025-10035 (CVSS 10.0) is a new critical severity vulnerability in Fortra GoAnywhere MFT (Managed File Transfer). This maximum-risk CVE could provide attackers with unauthenticated remote command execution (RCE). Greenbone can detect vulnerable systems and all users should patch with urgency. GoAnywhere MFT is a centralized Managed File Transfer (MFT) platform enabling file exchanges between business […]

SessionReaper: Account Takeover and Unauthenticated RCE in Magento and Adobe Commerce

Update February 2nd, 2026: Reports from multiple security vendors have confirmed that CVE-2025-54236 (aka “SessionReaper”) has transitioned to active, real-world exploitation. A full technical write-up has been published and the Sansec Threat Research team, who originally disclosed CVE-2025-54236, claims that proof-of-concept (PoC) exploits are circulating. On October 22nd 2025, the Sansec Threat Research Team […]

August 2025 Threat Report: Fast-Moving, High-Risk Vulnerabilities

The August 2025 Threat Report underscores how quickly high-risk vulnerabilities can shift from disclosure to active exploitation. Citrix, Fortinet, N-able, and Trend Micro flaws were weaponized within days. Other critical flaws in highly targeted software, such as Microsoft Exchange, emerged. Mainstream enterprise applications, such as Docker Desktop, Git, and Zoom, were also exposed to new […]

CVE-2025-57819: Unauthenticated RCE Threatens FreePBX Systems Globally

Update January 28th, 2026: According to a recent report from FortiGuard, a newly disclosed vulnerability in FreePBX Endpoint Manager, CVE-2025-64328 (CVSS 8.6), is now being leveraged in real-world attacks. Greenbone has included a remote banner check for CVE-2025-64328 since its disclosure in early November 2025. The vulnerability is a post-authentication command injection flaw [CWE-78] in […]

New WinRAR Flaw CVE-2025-8088 Exploited in Social Engineering Attacks

Update January 28, 2026: Recent reporting from Google Threat Intelligence Group confirms that CVE-2025-8088 continues to be actively exploited well after patch availability. Attacks have been observed across a broad range of threat actors and campaigns and are no longer isolated to a single cluster or region. Threat actors leveraging CVE-2025-8088 include government-backed actors […]