June has been a turbulent month for cyber defenders, marked by a surge of high-profile vulnerabilities shaking the security landscape. Following the exploitation of SimpleRMM flaws by the DragonForce ransomware group and the active use of the CVE-2025-33053 WebDAV zero-day by the Stealth Falcon APT, researchers have now identified yet another critical threat. A newly […]
A new critical zero-day RCE vulnerability in Microsoft Windows, tracked as CVE-2025-33053, has been actively exploited by the Stealth Falcon (aka FruityArmor) APT group. The flaw leads to RCE by manipulating the system’s working directory. Attackers leveraged a previously unknown method to run files from a WebDAV server by altering the working directory of a […]
Hot on the heels of the critical SAP NetWeaver CVE-2025-31324 exploitation campaign active since April 2025, another zero-day vulnerability has surfaced in the spotlight. Google recently issued emergency patches for three Chrome vulnerabilities, including one actively weaponized in in-the-wild attacks. The most critical, tracked as CVE-2025-5419, lets remote attackers trigger heap corruption using a crafted […]
Hot on the heels of the CVE-2025-1449 disclosure, a vulnerability in Rockwell Automation software, another critical security issue affecting widely used software products is now drawing the attention of the defenders. CVE-2025-29824 is a zero-day vulnerability in the Windows Common Log File System (CLFS) that gives threat actors the green light to escalate privileges to […]
XE Group, likely a Vietnam-linked hacking collective that has been active in the cyber threat arena for over a decade is believed to be behind the exploitation of a couple of VeraCore zero-day vulnerabilities. During the latest campaign, adversaries weaponized VeraCore flaws tracked as CVE-2024-57968 and CVE-2025-25181 to deploy reverse shells and web shells, ensuring […]
Adding to the list of critical Citrix NetScaler zero-days, security researchers warn of a new dangerous vulnerability (CVE-2023-4966) continuously exploited in the wild despite a patch issued in October. Marked as an information-disclosure flaw, CVE-2023-4966 enables threat actors to hijack existing authenticated sessions and potentially result in a multifactor authentication (MFA) bypass. According to security […]
Atlassian has recently notified defenders of a critical privilege escalation vulnerability in its Confluence software. The uncovered issue identified as CVE-2023-22515 poses severe risks to impacted Confluence installations as it is actively weaponized by attackers. Detect CVE-2023-22515 Exploits With the ever-increasing numbers of CVEs leveraged in real-world attacks, proactive detection of vulnerability exploitation remains one […]
Hot on the heels of the maximum severity flaw in GitLab software known as CVE-2023-2825, another critical vulnerability comes to the scene, creating a significant buzz in the cyber threat landscape. At the turn of June 2023, Progress Software uncovered a critical vulnerability in MOVEit Transfer that can lead to privilege escalation and instantly issued […]