On August 27, more than 20 security agencies published a Cybersecurity Advisory with the title “Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System” Publishing authorities included: United States National Security Agency (NSA) United States Cybersecurity and Infrastructure Security Agency (CISA) United States Federal Bureau of Investigation (FBI) Germany Federal […]
The July 2025 Threat Report takes a broad approach, covering some of the top cyber threats from the past month. The Microsoft SharePoint flaw titles “ToolShell” dominated the headlines; see our alert on ToolShell for a detailed analysis. Over 4,000 CVEs were published last month; almost 500 of them were rated Critical, with CVSS over […]
CVE-2025-8088 (CVSS 8.4) is a new high-risk path traversal vulnerability [CWE-35] in WinRAR versions 7.12 and below and related components including UnRAR.dll. The flaw allows unauthorized attackers to copy malicious files into sensitive directories, including the Windows Startup folder, where they can be executed. ESET Research reports that active exploitation of CVE-2025-8088 began on July […]
Salt Typhoon: Greenbone Covers All Vulnerabilities
BlogOn August 27, more than 20 security agencies published a Cybersecurity Advisory with the title “Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System” Publishing authorities included: United States National Security Agency (NSA) United States Cybersecurity and Infrastructure Security Agency (CISA) United States Federal Bureau of Investigation (FBI) Germany Federal […]
July 2025 Threat Report: Cisco, CrushFTP, HPE IRS and Others Face Active Exploitation
BlogThe July 2025 Threat Report takes a broad approach, covering some of the top cyber threats from the past month. The Microsoft SharePoint flaw titles “ToolShell” dominated the headlines; see our alert on ToolShell for a detailed analysis. Over 4,000 CVEs were published last month; almost 500 of them were rated Critical, with CVSS over […]
New WinRAR Flaw CVE-2025-8088 Exploited in Social Engineering Attacks
BlogCVE-2025-8088 (CVSS 8.4) is a new high-risk path traversal vulnerability [CWE-35] in WinRAR versions 7.12 and below and related components including UnRAR.dll. The flaw allows unauthorized attackers to copy malicious files into sensitive directories, including the Windows Startup folder, where they can be executed. ESET Research reports that active exploitation of CVE-2025-8088 began on July […]