Threat Advisories:

Unmasking Airstalk’s Covert Supply Chain Intrusion WordPress Plugin Bug CVE-2025-11833 Hands Hackers the Admin Throne Silent Lynx APT: Espionage Operations Targeting Central Asia’s Critical Infrastructure SleepyDuck: Trojan Nesting in the Open VSX Marketplace Operation SkyCloak: Covert Cyber Strikes on Russian and Belarusian Military Personnel Typosquatted npm Packages Execute Stealthy CredentialTheft Operation Hijackloader Strikes Colombia with PureHVNC Vietnamese Actors Use Recruitment Lures for Espionage and Theft Qilin Ransomware Surge: A Growing Global Threat to Critical Sectors ClickOnce Deception: SideWinder’s New Path to Diplomats The Gift Card Grinch Uncovered in the Jingle Thief Campaign WordPress Sites Under Siege by Old Critical Flaws Transparent Tribe’s DeskRAT Campaign Targets Indian Military Systems SessionReaper Flaw Enables Seamless Session Hijacking on Adobe Commerce CVE‑2025‑61932: Critical Lanscope Endpoint Manager Flaw Actively Exploited Lazarus Targets Europe’s UAV Innovation October 2025 Linux Patch Roundup MuddyWater Deploys Phoenix Backdoor in Targeted Espionage Campaign Critical Cloud Threat: Azure Blob Storage Under Active Attack Operation Silk Lure Scam: When Job Hunts Leads to Malware

Highlights of Our CISO Dinner

Upgrading struggling vulnerability management programs to Threat Exposure Management, with Host, CISO Al Lindseth formerly from Plains All American Pipeline and PWC - 6 minute podcast

0:00

0:00

Play Count: Loading...

Partner Program

Book a Demo Threat Digest - Subscribe

Vulnerability in Zimbra that steals clear-text credentials from users

Threat Level – Red | Vulnerability Report

A new vulnerability in Zimbra allows an attacker to steal cleartext credentials from instances via Memcache injection. Over 200,000 users logged in can be impacted by the security flaw.

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox