Technology ❯ Cybersecurity ❯ Threat Intelligence

Vulnerabilities

Zero-Day Exploits Public Disclosure Malware Analysis Remote Code Execution CVE-2025-29824 CVE-2024-40766 Microsoft Exchange Server CVE Program CVE-2025-61882 SMA 100 Series

Hackers Exploit Critical Next.js React2Shell Bug to Steal Credentials From 766 Hosts

The campaign pools stolen cloud keys plus API tokens in a single portal that can speed later breaches.

npm Worm 'SANDWORM_MODE' Exposed Targeting Developer and CI Secrets Through Typosquatted Packages

Researchers Exploit StealC Panel XSS to Expose Operations of ‘YouTubeTA’

China-Linked Hackers Exploit Cisco Email Zero-Day With No Patch as CISA Flags Active Threat

WrtHug Campaign Hijacks About 50,000 ASUS Routers Worldwide

Fortinet Confirms Critical FortiWeb Zero-Day Is Being Exploited as CISA Sets Nov. 21 Patch Deadline

Amazon Reveals Pre‑Disclosure Exploits of Citrix NetScaler and Cisco ISE to Plant Stealth Backdoor

CISA and NSA Lead Multinational Guide to Secure On‑Premises Microsoft Exchange Servers

CISA Flags Active Exploits of Windows SMB Privilege Bug, Sets Nov. 10 Patch Deadline

Google Says Oracle E‑Business Suite Zero‑Day Fueled Data Theft at Dozens, Likely Over 100

SonicWall Ships SMA 100 Firmware to Detect and Remove OVERSTEP Rootkit

Researchers Detail PipeMagic Backdoor Using Fake ChatGPT App and CLFS Exploit

Darktrace Details First Auto-Color Malware Attack Exploiting Patched SAP NetWeaver Flaw

Russia-Linked Malware Disrupts Heating for 600 Ukrainian Buildings