Vulnerability Management – Page 4

Threat_Actor_Profiles

Akira Ransomware Targeting SonicWall Gen 7 SSLVPN: CVE-2024-40766, Credential Reuse, and Post-Migration Exposure

1. Executive Summary A cluster of ransomware intrusions attributed to Akira affiliates surged in late July 2025, with defenders reporting initial access via SonicWall Gen 7 (and newer) firewalls where…

Vulnerabilities_Exploits

Microsoft August 2025 Patch Tuesday

14 August 2025 Threat Analyst

Key items to prioritise “Public exploit / likely targeting” watch-outs Practical guidance (triage order)

Vulnerabilities_Exploits

Microsoft May 2025 Patch Tuesday — 72 CVEs, Five Exploited Zero-Days, and Critical RCE Exposure

16 May 2025 Threat Analyst

1. Executive Summary Microsoft’s May 2025 Patch Tuesday shipped fixes for ~72 vulnerabilities across Windows and multiple Microsoft product families, with reporting variance depending on whether certain platforms (e.g., Edge/Azure…

Vulnerabilities_Exploits

Critical SAP NetWeaver Visual Composer Vulnerability (CVE-2025-31324) — Unauthenticated File Upload to RCE

30 April 2025 Threat Analyst

1. Executive Summary CVE-2025-31324 is a critical vulnerability in SAP NetWeaver Visual Composer’s Metadata Uploader that enables unauthenticated arbitrary file upload, which can be leveraged for remote code execution (RCE)…

Vulnerabilities_Exploits

CrushFTP Actively Exploited Critical Authentication Bypass (CVE-2025-31161; former CVE-2025-2825)

20 April 2025 Threat Analyst

1. Executive Summary Attackers are actively targeting a critical authentication bypass in CrushFTP managed file transfer (MFT) software, tracked as CVE-2025-31161. According to Huntress’ incident analysis, in-the-wild exploitation was observed…

Vulnerabilities_Exploits

Microsoft April 2025 Patch Tuesday: Actively Exploited CLFS Zero-Day (CVE-2025-29824) and 11 Critical RCE Flaws Across 121 CVEs

20 April 2025 Threat Analyst

Microsoft’s April 2025 Patch Tuesday release addressed 121 CVEs, including one actively exploited zero-day and 11 critical vulnerabilities—all assessed as remote code execution (RCE) issues by multiple exposure-management and security…

Vulnerabilities_Exploits

Microsoft February 2025 Patch Tuesday: 55 CVEs Fixed, 4 Zero-Days (2 Exploited In-The-Wild)

14 February 2025 Threat Analyst

1. Executive Summary On 11 February 2025, Microsoft released Patch Tuesday security updates addressing 55 CVEs, including three Critical remote code execution (RCE) vulnerabilities and four zero-days. Two of the…

Vulnerabilities_Exploits

Finastra Secure File Transfer Platform

20 January 2025 Threat Analyst

1. Executive Summary On 19 November 2024, reporting indicated that financial software provider Finastra was investigating an alleged data breach involving its secure file transfer capability used for transmitting sensitive…

Vulnerabilities_Exploits

Microsoft December Patch Tuesday: 71 Vulnerabilities Patched, Including Actively Exploited CLFS Zero-Day (CVE-2024-49138)

27 December 2024 Threat Analyst

Microsoft has released its December Patch Tuesday security updates, addressing 71 vulnerabilities across its product ecosystem. The release includes 16 Critical-rated flaws and one actively exploited zero-day vulnerability: CVE-2024-49138, affecting…

Incident_Reports

Change Healthcare Ransomware Attack (UnitedHealth / Optum): ALPHV/BlackCat Disruption and Mass PHI Exposure

20 December 2024 Threat Analyst

Note on timing: Public reporting and official disclosures indicate the intrusion began in February 2024, while October 2024 is significant because Change Healthcare informed HHS OCR that ~100 million individual…

Akira Ransomware Targeting SonicWall Gen 7 SSLVPN: CVE-2024-40766, Credential Reuse, and Post-Migration Exposure

Microsoft August 2025 Patch Tuesday

Microsoft May 2025 Patch Tuesday — 72 CVEs, Five Exploited Zero-Days, and Critical RCE Exposure

Critical SAP NetWeaver Visual Composer Vulnerability (CVE-2025-31324) — Unauthenticated File Upload to RCE

CrushFTP Actively Exploited Critical Authentication Bypass (CVE-2025-31161; former CVE-2025-2825)

Microsoft April 2025 Patch Tuesday: Actively Exploited CLFS Zero-Day (CVE-2025-29824) and 11 Critical RCE Flaws Across 121 CVEs

Microsoft February 2025 Patch Tuesday: 55 CVEs Fixed, 4 Zero-Days (2 Exploited In-The-Wild)

Finastra Secure File Transfer Platform

Microsoft December Patch Tuesday: 71 Vulnerabilities Patched, Including Actively Exploited CLFS Zero-Day (CVE-2024-49138)

Change Healthcare Ransomware Attack (UnitedHealth / Optum): ALPHV/BlackCat Disruption and Mass PHI Exposure

You missed

OpenClaw lures fuel ClickFix infostealer infections as agentic AI ecosystems become a new credential target

Storm-2561 pushes fake VPN installers via SEO poisoning to steal enterprise credentials

Hudson Rock ties Polyfill.io supply-chain compromise to DPRK operator via Lumma Stealer telemetry

Stryker ‘Handala’ incident: global Microsoft environment disruption and reported remote device wipes