On September 25, 2025, three new CVEs affecting Cisco networking products exploded onto the global cyber security landscape. Two of these were actively exploited as zero-days prior to their disclosure. Greenbone now includes detection tests for all three new high-risk CVEs in the OPENVAS ENTERPRISE FEED. CVE-2025-20333 (CVSS 9.9) and CVE-2025-20362 (CVSS 6.5) affect the […]
CVE-2025-10035 (CVSS 10.0) is a new critical severity vulnerability in Fortra GoAnywhere MFT (Managed File Transfer). This maximum-risk CVE could provide attackers with unauthenticated remote command execution (RCE). Greenbone can detect vulnerable systems and all users should patch with urgency. GoAnywhere MFT is a centralized Managed File Transfer (MFT) platform enabling file exchanges between business […]
! Update February 2nd, 2026 Reports from multiple security vendors have confirmed that CVE-2025-54236 (aka “SessionReaper”) has transitioned to active, real-world exploitation. A full technical write-up has been published and the Sansec Threat Research team, who originally disclosed CVE-2025-54236, claims that Proof-of-concept (PoC) exploits are circulating. On October 22nd 2025, the Sansec Threat Research Team […]
The August 2025 Threat Report underscores how quickly high-risk vulnerabilities can shift from disclosure to active exploitation. Citrix, Fortinet, N-able, and Trend Micro flaws were weaponized within days. Other critical flaws in highly targeted software, such as Microsoft Exchange, emerged. Mainstream enterprise applications, such as Docker Desktop, Git, and Zoom, were also exposed to new […]
! Update January 28th, 2026 According to a recent report from FortiGuard, a newly disclosed vulnerability in FreePBX Endpoint Manager, CVE-2025-64328 (CVSS 8.6), is now being leveraged in real-world attacks. Greenbone includes a remote banner check for CVE-2025-64328, since its disclosure in early November, 2025. The flaw is a post-authentication command injection flaw [CWE-78] in […]
The July 2025 Threat Report takes a broad approach, covering some of the top cyber threats from the past month. The Microsoft SharePoint flaw titles “ToolShell” dominated the headlines; see our alert on ToolShell for a detailed analysis. Over 4,000 CVEs were published last month; almost 500 of them were rated Critical, with CVSS over […]
! Update January 28, 2026 Recent reporting from Google Threat Intelligence Group confirms that CVE-2025-8088 continues to be actively exploited well after patch availability. Attacks have been observed across a broad range of threat actors and campaigns and are no longer isolated to a single cluster or region. Threat actors leveraging CVE-2025-8088 include government-backed actors […]
On Saturday, July 19th, flaws in Microsoft SharePoint Server became the subject of emergency cybersecurity alerts worldwide. Four CVEs are involved and collectively dubbed “ToolShell”; two published in early July already had patches available, but after being bypassed, two new CVEs were issued. The flaws can allow unauthenticated remote code execution (RCE) at the Windows […]
The 2025 IOCTA report from Europol warns that demand for data on the cybercrime underground is surging. How much data has been stolen exactly? Determining exact numbers is impossible. However, the personal information of 190 million individuals including Social Security Numbers (SSN), was stolen from Change Healthcare in a single breach. That’s more than half […]
A fresh vulnerability, CVE-2025-25257 (CVSS 9.6) in Fortinet’s FortiWeb Fabric Connector presents high risk globally. Although the CVE is still only in RESERVED status as of July 14th, 2025, it has already received a national CERT advisory from Belgium’s CERT.be and the Center for Internet Security (CIS) has also issued an alert. More alerts should […]
