Threat Advisories:
CVE-2025-37164: Critical RCE in HPE OneView Under Active Exploitation Astaroth Reimagined: Weaponizing WhatsApp for Scalable Banking Fraud GoBruteforcer Exposed: How Weak Credentials Power a Silent Linux Botnet CVE-2026-0625: A Decade-Long Risk in D-Link DSL Routers Enabling Full System Compromise PHALT#BLYX: Fake BSOD Campaign Targets Hospitality CVE-2025-13915: Authentication Bypass Puts IBM API Connect at Risk VVS Stealer Exposed: Inside a Stealthy Discord Credential Theft Operation Silent Clicks, Lasting Access: APT36’s Fileless Espionage Playbook GlassWorm’s Quiet Infiltration of Mac Systems Silver Fox Slips ValleyRAT Into India Through Fake Tax Notices LangGrinch: Critical LangChain Serialization Flaws Enable Secret Exfiltration Inside Evasive Panda’s Long-Running AitM Campaign CVE-2025-14847: Critical MongoDB Memory Leak Exposes Sensitive Data MacSync A Notarized macOS Malware That Slips Past Gatekeeper December 2025 Linux Patch Roundup Automation Gone Rogue: CVE-2025-68613 Puts n8n Instances at Risk Prince of Persia APT Campaigns Across Iran, Europe, and Beyond GhostPoster: A Multi-Stage Malware Campaign Hiding Inside Firefox Extensions GachiLoader Deployed via the YouTube Ghost Network CVE-2025-20393: Critical Cisco AsyncOS Zero-Day Actively Exploited
Hive Pro recognized in Gartner® Magic Quadrant™ for Exposure Assessment Platform, 2025 Watch platform in action
Platform
Comprehensive Threat Exposure Management Platform
Uni5 Xposure PlatformUni5 Xposure leverages exposure assessment and adversarial exposure validation to deliver a unified view of your cyber risks and all actionable pathways to resolve them. Powered by:
IntegrationsOut of box integrations available with a comprehensive set of Security and IT operations tools in your organisation.
HiveForce LabsThe in-house intelligence that enables customers to identify and address immediate cyber risks and potential threats with precision, clear insights, and swift action.
Hive Pro’s ComparisonSave Cost , Reduce Complexity and Increase Security by Augmenting and Replacing your existing Vulnerability Management platform
Hive Pro vs Rapid7
Hive Pro vs Tenable
Hive Pro vs Qualys
Hive Pro vs Nucleus Security
Solutions
By Use Case
Total Attack Surface Management
Multi-Environment Security Scanners
Complete Exposure Assessment
Comprehensive Security Intelligence
Vulnerability & Threat Prioritization
Adversarial Exposure Validation
By Role
CISO
Vulnerability Management
Security Operations
DevOps
Industry
Telecommunications
Healthcare
Financial Services
Government & Public Sector
Retail & E-Commerce
Educational Institutions
Resources
Threat Advisories
Threat Digests
Blog
Whitepapers
Resources
Advisories & Digests
Threat Advisories
Threat Digests
Content Library
learn
Blog
Whitepapers
Press Releases
connect
Webinars & Videos
Company
About Us
Careers
Our Leadership
Contact Us
Book a DemoThreat Digest - Subscribe
Platform
Platform
Comprehensive Threat Exposure Management Platform
Uni5 Xposure PlatformUni5 Xposure leverages exposure assessment and adversarial exposure validation to deliver a unified view of your cyber risks and all actionable pathways to resolve them. Powered by:
IntegrationsOut of box integrations available with a comprehensive set of Security and IT operations tools in your organisation.
HiveForce LabsThe in-house intelligence that enables customers to identify and address immediate cyber risks and potential threats with precision, clear insights, and swift action.
Hive Pro’s Comparison
Hive Pro vs Rapid7
Hive Pro vs Tenable
Hive Pro vs Qualys
Hive Pro vs Nucleus Security
Solutions
Solutions
By Use Case
Total Attack Surface Management
Multi-Environment Security Scanners
Complete Exposure Assessment
Comprehensive Security Intelligence
Vulnerability & Threat Prioritization
Adversarial Exposure Validation
By Role
CISO
Vulnerability Management
Security Operations
DevOps
Industry
Industry
Telecommunications
Healthcare
Financial Services
Government & Public Sector
Retail & E-Commerce
Educational Institutions
Resources
Resources
Threat Advisories
Threat Digests
Blog
Whitepapers
Resources
Resources
Advisories & Digests
Threat Advisories
Threat Digests
Content Library
learn
Blog
Whitepapers
Press Releases
connect
Webinars & Videos
Company
Company
About Us
Careers
Our Leadership
Contact Us
Book a DemoThreat Digest - Subscribe

Threat Advisories

Detailed information and guidance on threats and vulnerabilities, focusing on its characteristics, impact, and remediation steps, released daily and weekly to provide actionable intelligence and aid in rapid response and mitigation efforts.

Strengthen Your Defenses With the Latest Intelligence

Red | Vulnerability Report
CVE-2025-37164: Critical RCE in HPE OneView Under Active Exploitation
Summary CVE-2025-37164 is a critical, maximum-severity remote code execution vulnerability affecting Hewlett January 9, 2026
Amber | Attack Report
Astaroth Reimagined: Weaponizing WhatsApp for Scalable Banking Fraud
Summary The Boto Cor-de-Rosa campaign represents a significant and dangerous evolution of January 9, 2026
Red | Attack Report
GoBruteforcer Exposed: How Weak Credentials Power a Silent Linux Botnet
Summary GoBruteforcer (also known as GoBrut) is a sophisticated and continuously evolving January 9, 2026
Red | Vulnerability Report
CVE-2026-0625: A Decade-Long Risk in D-Link DSL Routers Enabling Full System Compromise
Summary CVE-2026-0625 is a critical security vulnerability affecting multiple legacy D-Link DSL January 9, 2026
Red | Attack Report
PHALT#BLYX: Fake BSOD Campaign Targets Hospitality
Summary PHALT#BLYX is an active and sophisticated malware campaign first observed in January 9, 2026
Red | Vulnerability Report
CVE-2025-13915: Authentication Bypass Puts IBM API Connect at Risk
Summary Critical IBM API Connect Authentication Bypass Vulnerability Enables Unauthorized Access IBM January 8, 2026
Amber | Attack Report
VVS Stealer Exposed: Inside a Stealthy Discord Credential Theft Operation
Summary VVS Stealer Targets Discord Users Worldwide with Python-Based Credential Theft Malware January 7, 2026
Amber | Attack Report
Silent Clicks, Lasting Access: APT36’s Fileless Espionage Playbook
Summary APT36 Deploys Fileless Malware Campaign Against Indian Government Entities APT36, also January 5, 2026
1 2 224

HiveForce Labs Research At Your Fingertips

Stay informed with HiveForce Labs as they provide comprehensive insights into the latest vulnerabilities, threats, and threat actor activities.

Subscribe below to receive in-depth weekly and monthly updates, along with daily and weekly advisories designed to help you proactively manage and mitigate cybersecurity risks.

Subscribe Here