VulnHub

AI-Powered Cybersecurity Intelligence


Latest Intelligence

SecurityWeek
Critical OpenPGP.js Vulnerability Allows Spoofing

A critical vulnerability in OpenPGP.js, identified as CVE-2025-47934, allows attackers to spoof message signature verification. This flaw poses significant risks to the integrity of secure communications that rely on this library.


Impact: OpenPGP.js

In the Wild: Unknown

Age: Recently disclosed

Remediation: Apply patches

CVE Vulnerability


The Hacker News
Google Chrome Can Now Auto-Change Compromised Passwords Using Its Built-In Manager

Google Chrome has introduced a feature in its built-in Password Manager that automatically changes compromised passwords when detected during sign-in. This enhancement aims to improve user security by simplifying the process of managing compromised credentials.


Impact: Google Chrome, Google Password Manager

In the Wild: No

Age: Recently disclosed

Remediation: None available

Google


The Hacker News
Hazy Hawk Exploits DNS Records to Hijack CDC, Corporate Domains for Malware Delivery

Hazy Hawk, a threat actor, exploits misconfigurations in DNS records to hijack abandoned cloud resources from major organizations, including Amazon and Microsoft. The hijacked domains are repurposed to deliver scams and malware, highlighting significant security risks associated with cloud misconfigurations.


Impact: Amazon S3, Microsoft Azure

In the Wild: Yes

Age: Recently disclosed

Remediation: Implement security best practices for DNS configurations and monitor cloud resources for unauthorized access.

Microsoft Malware Threat Actor


The Hacker News
100+ Fake Chrome Extensions Found Hijacking Sessions, Stealing Credentials, Injecting Ads

Over 100 fake Chrome extensions have been discovered that are designed to hijack user sessions, steal credentials, and inject advertisements. These malicious extensions are created by an unknown threat actor and pose significant risks to users by masquerading as legitimate tools.


Impact: Chrome Browser extensions

In the Wild: Yes

Age: Discovered in February 2024

Remediation: Remove suspicious extensions and monitor for unauthorized access.

Malware Threat Actor


SecurityWeek
NATO-Flagged Vulnerability Tops Latest VMware Security Patch Batch

VMware has released security patches addressing vulnerabilities that could lead to data leakage, command execution, and denial-of-service attacks. Notably, one of the vulnerabilities has been flagged by NATO, underscoring its significance and urgency for users to apply the patches.


Impact: Not specified

In the Wild: Unknown

Age: Recently disclosed

Remediation: Apply patches

VMware Vulnerability Patch


The Hacker News
South Asian Ministries Hit by SideWinder APT Using Old Office Flaws and Custom Malware

A new cyber campaign by the SideWinder APT group has targeted high-level government institutions in Sri Lanka, Bangladesh, and Pakistan using spear phishing tactics and geofenced payloads. This attack highlights the ongoing threat to governmental cybersecurity in South Asia, emphasizing the need for enhanced protective measures.


Impact: Not specified

In the Wild: Yes

Age: Unknown

Remediation: None available

Phishing Malware Threat Actor


The Hacker News
AWS Default IAM Roles Found to Enable Lateral Movement and Cross-Service Exploitation

Cybersecurity researchers have identified risky default IAM roles in AWS that can lead to privilege escalation and manipulation of other services, potentially compromising entire AWS accounts. This issue highlights the importance of reviewing and tightening IAM permissions to prevent unauthorized access.


Impact: Amazon Web Services (AWS), IAM roles, S3

In the Wild: Unknown

Age: Recently disclosed

Remediation: Review and tighten IAM permissions, disable overly broad roles.


SecurityWeek
Vulnerability Exploitation Probability Metric Proposed by NIST, CISA Researchers

NIST and CISA researchers have proposed the Likely Exploited Vulnerabilities (LEV) equations to enhance remediation prioritization based on KEV and EPSS metrics. This development is significant as it aims to improve the effectiveness of addressing vulnerabilities that are likely to be exploited.


Impact: Not specified

In the Wild: Unknown

Age: Unknown

Remediation: None available

Vulnerability


SecurityWeek
Event Preview: 2025 Threat Detection & Incident Response (Virtual) Summit

The 2025 Threat Detection & Incident Response Summit is a virtual event set to occur on May 21st, focusing on cybersecurity strategies and solutions. This summit highlights the importance of effective threat detection and response mechanisms in the evolving landscape of cyber threats.


Impact: Not specified

In the Wild: Unknown

Age: Unknown

Remediation: None available


SecurityWeek
TrustCloud Raises $15 Million for Security Assurance Platform

TrustCloud, an AI-native security assurance firm, has successfully raised $15 million in funding to enhance its security assurance platform. This financial boost is significant as it highlights the growing investment in cybersecurity solutions amidst increasing security challenges.


Impact: Not specified

In the Wild: Unknown

Age: Unknown

Remediation: None available


All CISA Advisories
Danfoss AK-SM 8xxA Series

The Danfoss AK-SM 8xxA Series has a vulnerability due to improper authentication, allowing remote attackers to bypass authentication and execute arbitrary code. This issue is significant as it affects critical infrastructure and could lead to serious security breaches if exploited.


Impact: Danfoss AK-SM 8xxA Series, AK-SM 800A system manager

In the Wild: No

Age: Recently disclosed

Remediation: Users should update to release R4.2 and follow the AK-SM 800A Software Upgrade Process.

Phishing CVE Vulnerability Update


All CISA Advisories
Vertiv Liebert RDU101 and UNITY

The Vertiv Liebert RDU101 and UNITY products have critical vulnerabilities that allow for authentication bypass and stack-based buffer overflow, posing risks of denial-of-service and remote code execution. Users are urged to update their systems to mitigate these risks.


Impact: Liebert RDU101 (versions 1.9.0.0 and prior); Liebert IS-UNITY (versions 8.4.1.0 and prior)

In the Wild: No

Age: Recently disclosed

Remediation: Update Liebert RDU101 to v1.9.1.2_0000001 and IS-UNITY to v8.4.3.1_00160.

CVE Exploit Vulnerability Update


All CISA Advisories
Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products

Mitsubishi Electric Iconics Digital Solutions has reported a vulnerability in their ICONICS Product Suite and MC Works64 that allows for execution with unnecessary privileges, potentially leading to information tampering. This vulnerability poses a significant risk as it could result in a denial-of-service condition on affected workstations.


Impact: ICONICS Product Suite, Mitsubishi Electric MC Works64

In the Wild: No

Age: Recently disclosed

Remediation: Users should uninstall the multi-agent notification feature if not needed, restrict access to affected PCs, and apply the latest security patches.

Phishing CVE Vulnerability Update


All CISA Advisories
AutomationDirect MB-Gateway

The AutomationDirect MB-Gateway has a critical vulnerability due to missing authentication for critical functions, allowing unauthorized remote access and potential for configuration changes or arbitrary code execution. This vulnerability has a CVSS score of 10.0, indicating its severity and the urgent need for remediation.


Impact: MB-Gateway

In the Wild: No

Age: Recently disclosed

Remediation: Replace MB-Gateway with EKI-1221-CE or restrict network exposure and access until replacement is feasible.

Phishing CVE Vulnerability Update


All CISA Advisories
ABUP IoT Cloud Platform

The ABUP IoT Cloud Platform has a vulnerability related to incorrect privilege assignment, allowing unauthorized access to device profiles through a crafted JSON Web Token. Although the vendor has removed the vulnerable method, users are advised to modify authentication information due to a prior exposure period.


Impact: ABUP Internet of Things (IoT) Cloud Platform

In the Wild: No

Age: Discovered in April 2025

Remediation: The vulnerable method has been removed; users should consider modifying authentication information.

CVE Exploit Vulnerability Update
