Threat Brief: MongoDB Vulnerability (CVE-2025-14847)

On Dec. 19, 2025, MongoDB publicly disclosed MongoBleed, a security vulnerability (CVE-2025-14847) that allows unauthenticated attackers to leak sensitive heap memory by exploiting a trust issue in how MongoDB Server handles zlib-compressed network messages. This flaw occurs prior to authentication, Read More …

Patch Cisco ISE bug now before attackers abuse proof-of-concept exploit

Cisco patched a bug in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) products that allows remote attackers with admin-level privileges to access sensitive information – and warned that a public, proof-of-concept exploit for the flaw exists Read More …

CVE-2025-55182: React2Shell Analysis, Proof-of-Concept Chaos, and In-the-Wild Exploitation

Trend Micro researchers have previously published a blog on what organizations need to know about the actively exploited CVE-2025-55182, which is a critical (CVSS 10.0) pre-authentication remote code execution vulnerability affecting React Server Components (RSC) used in React.js, Next.js, and Read More …

Active Exploitation Reported for CVE-2025-11001 in 7-Zip

Active exploitation of CVE-2025-11001 has been observed in the wild. A security researcher has also publicly released a proof-of-concept (PoC) exploit for CVE-2025-11001. The PoC allows attackers to abuse symbolic-link handling to write files outside of the intended extraction folder, Read More …

The first AI-powered proof of concept ransomware has been spotted

Security researchers from ESET have identified the first known AI-powered ransomware, which serves as a warning for security teams as generative AI has, and will, continue to make cyberattacks much more accessible for criminals. Peter Strycek and Anton Cherepanov discovered Read More …

Proof-of-Concept Released Oracle VM VirtualBox

Oracle has released a security update to address a critical vulnerability in Oracle VM VirtualBox. Oracle VM VirtualBox is cross-platform virtualisation software. CVE-2025-30712 is an ‘improper access control’ vulnerability with a CVSSv3 score of 8.1 that affects the Oracle Virtualisation Read More …

Proof-of-Concept Released for SysAid On-Premise

In March 2025, SysAid released updates addressing XML (extensible markup language) external entity vulnerabilities and an OS command injection vulnerability in its on-premise platform. SysAid is an IT service management platform. Cyber Security firm watchTowr Labs has released proof-of-concept exploit Read More …

ZDI-CAN-25373: Windows shortcut exploit abused as Zero-Day in widespread APT campaigns

The Trend Zero Day Initiative threat hunting team identified significant instances of the exploitation of ZDI-CAN-25373 across a variety of campaigns dating back to 2017. The researchers analysis revealed that 11 state-sponsored groups from North Korea, Iran, Russia, and China Read More …

Proof-of-Concept Exploits Released for RSync Vulnerabilities

Five vulnerabilities have been discovered within the RSync utility. RSync is a popular tool for transferring and synchronising files between different systems. RSync is commonly used in Unix-like operating systems. CVE-2024-12084 is a ‘heap-based buffer overflow’ vulnerability, with a CVSSv3 Read More …