1. Executive Summary CVE-2025-31324 is a critical vulnerability in SAP NetWeaver Visual Composer’s Metadata Uploader that enables unauthenticated arbitrary file upload, which can be leveraged for remote code execution (RCE)…
Microsoft’s April 2025 Patch Tuesday release addressed 121 CVEs, including one actively exploited zero-day and 11 critical vulnerabilities—all assessed as remote code execution (RCE) issues by multiple exposure-management and security…
1. Executive Summary Attackers are actively targeting a critical authentication bypass in CrushFTP managed file transfer (MFT) software, tracked as CVE-2025-31161. According to Huntress’ incident analysis, in-the-wild exploitation was observed…
1. Executive Summary On 21 February 2025, cryptocurrency exchange Bybit suffered a theft of approximately $1.5 billion in virtual assets—an incident the US Federal Bureau of Investigation (FBI) publicly attributed…