CVE-2025-2837 - Silicon Labs Gecko OS HTTP Request Handling Stack-based Buffer Overflow Remote Code Execution March 26, 2025 at 10:15PM https://ift.tt/HWJrdhg #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon

CVE-2025-20229 - Splunk Enterprise/Cloud Platform Remote Code Execution Vulnerability March 26, 2025 at 10:15PM https://ift.tt/5ditFok #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon

Late night chat on ATT&CK Slack about malware authors cross-compiling on Linux and OS X. I have a couple of Linux examples, but we'd be curious to see some OS X cases, particularly if they're using cross-compatibility?

#osx, #linux, #threatintel, #att&ck

CVE-2024-13146 - Booknetic WordPress CSRF Vulnerability March 26, 2025 at 06:15AM https://ift.tt/haXBdOD #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon

The new k8s bug has a lame name: IngressNightmare. *sigh* Where's the clever word play?

Too many people relying on simple appending Nightmare to the name of the attack surface these days... might as well get an LLM to name them if we're just going to copy the last bug name all over again.

Anyway, you can read about it here:

https://www.wiz.io/blog/ingress-nginx-kubernetes-vulnerabilities

#threatintel, #k8s

CVE-2025-30353 - Directus Information Disclosure Vulnerability March 26, 2025 at 06:15PM https://ift.tt/vwNkFjh #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon

CVE-2025-2783 - Google Chrome Mojo Sandbox Escape Vulnerability March 26, 2025 at 04:15PM https://ift.tt/wPE8kjN #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon

Has #Microsoft lost control of microsoftstream[.]com ?

Currently this is what it loads. It's an Amazon-like page in Thai.

CVE-2025-30524 - Origincode Product Catalog SQL Injection March 26, 2025 at 03:16PM https://ift.tt/Zvk7oJ0 #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon

CVE-2025-2825 - CrushFTP Unauthenticated Remote Access Vulnerability March 26, 2025 at 04:15PM https://ift.tt/8FesSLJ #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon

CVE-2025-28942 - Trust Payments Gateway for WooCommerce SQL Injection March 26, 2025 at 03:16PM https://ift.tt/pfHn4Ax #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon

CVE-2025-28939 - WordPress Google Calendar Manager SQL Injection Vulnerability March 26, 2025 at 03:16PM https://ift.tt/vYet0SZ #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon

CVE-2025-28916 - Docpro PHP Remote File Inclusion Vulnerability March 26, 2025 at 03:16PM https://ift.tt/LpodKw3 #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon

CVE-2025-28893 - Visual Text Editor Code Injection Vulnerability March 26, 2025 at 03:16PM https://ift.tt/UTbBeGd #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon

CVE-2025-28898 - WP Multistore Locator SQL Injection March 26, 2025 at 03:16PM https://ift.tt/UGkhFlv #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon

CVE-2025-28873 - Shuffle SQL Injection Vulnerability March 26, 2025 at 03:16PM https://ift.tt/9TvpC0N #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon

CVE-2025-26986 - StylemixThemes Pearl - Corporate Business PHP RFI Vulnerability March 26, 2025 at 03:16PM https://ift.tt/zyhq5cX #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon

CVE-2025-26941 - Andy Moyle Church Admin SQL Injection March 26, 2025 at 03:16PM https://ift.tt/etlqVNk #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon

CVE-2025-24690 - Formality PHP Remote File Inclusion Vulnerability March 26, 2025 at 03:16PM https://ift.tt/15YVRjN #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon

CVE-2025-23952 - NTM Custom-Field-List-Widget PHP Remote File Inclusion Vulnerability March 26, 2025 at 03:16PM https://ift.tt/jHl9MVu #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon