Technology ❯ Cybersecurity ❯ Threat Intelligence

Vulnerabilities

Zero-Day Exploits Public Disclosure Authentication Bypass CVE Program Exfiltration Techniques Microsoft Exchange Server CVE-2025-20393 Cross-Site Scripting CISA KEV Catalog Remote Code Execution SMA 100 Series CVE-2024-40766 Incident Response CVE-2025-61882 Malware Analysis Android Devices Router Exploits CVE-2025-29824 Access Control Monitoring Tools Credential Harvesting CVE Reports Modbus Protocol Google Threat Intelligence Group

Hackers Exploit Critical Next.js React2Shell Bug to Steal Credentials From 766 Hosts

The campaign pools stolen cloud keys plus API tokens in a single portal that can speed later breaches.

npm Worm 'SANDWORM_MODE' Exposed Targeting Developer and CI Secrets Through Typosquatted Packages

Researchers Exploit StealC Panel XSS to Expose Operations of ‘YouTubeTA’

China-Linked Hackers Exploit Cisco Email Zero-Day With No Patch as CISA Flags Active Threat

WrtHug Campaign Hijacks About 50,000 ASUS Routers Worldwide

Fortinet Confirms Critical FortiWeb Zero-Day Is Being Exploited as CISA Sets Nov. 21 Patch Deadline

Amazon Reveals Pre‑Disclosure Exploits of Citrix NetScaler and Cisco ISE to Plant Stealth Backdoor

CISA and NSA Lead Multinational Guide to Secure On‑Premises Microsoft Exchange Servers

CISA Flags Active Exploits of Windows SMB Privilege Bug, Sets Nov. 10 Patch Deadline

Google Says Oracle E‑Business Suite Zero‑Day Fueled Data Theft at Dozens, Likely Over 100

SonicWall Ships SMA 100 Firmware to Detect and Remove OVERSTEP Rootkit

Researchers Detail PipeMagic Backdoor Using Fake ChatGPT App and CLFS Exploit

Darktrace Details First Auto-Color Malware Attack Exploiting Patched SAP NetWeaver Flaw