Indicators of Compromise

Zero Day Initiative 📡 RSS Feb 19

ZDI-26-115: Fortinet FortiClient VPN FCConfig Utility Link Following Local Privilege Escalation Vulnerability

CVEs: CVE-2025-62676

Zero Day Initiative →

Zero Day Initiative 📡 RSS Feb 19

ZDI-26-114: Dassault Systèmes eDrawings Viewer EPRT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

CVEs: CVE-2026-1335

Zero Day Initiative →

Zero Day Initiative 📡 RSS Feb 19

ZDI-26-113: Dassault Systèmes eDrawings Viewer EPRT File Parsing Memory Corruption Remote Code Execution Vulnerability

CVEs: CVE-2026-1334

Zero Day Initiative →

Zero Day Initiative 📡 RSS Feb 19

ZDI-26-112: Dassault Systèmes eDrawings Viewer EPRT File Parsing Uninitialized Variable Remote Code Execution Vulnerability

CVEs: CVE-2026-1333

Zero Day Initiative →

Zero Day Initiative 📡 RSS Feb 19

ZDI-26-111: MLflow Use of Default Password Authentication Bypass Vulnerability

CVEs: CVE-2026-2635

Zero Day Initiative →

Zero Day Initiative 📡 RSS Feb 19

ZDI-26-110: Bosch Rexroth IndraWorks Print Settings File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability

CVEs: CVE-2025-60037 CVE-2025-60038

Zero Day Initiative →

Zero Day Initiative 📡 RSS Feb 19

ZDI-26-109: Bosch Rexroth IndraWorks OPC.TestClient XML File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability

CVEs: CVE-2025-60035

Zero Day Initiative →

Zero Day Initiative 📡 RSS Feb 19

ZDI-26-108: Bosch Rexroth IndraWorks UA.TestClient XML File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability

CVEs: CVE-2025-60036

Zero Day Initiative →

Mandiant Blog 📡 RSS Feb 17

From BRICKSTORM to GRIMBOLT: UNC6201 Exploiting a Dell RecoverPoint for Virtual Machines Zero-Day

CVEs: CVE-2026-22769

Mandiant Blog →

Fortinet Blog 📡 RSS Feb 10

Deep Dive into New XWorm Campaign Utilizing Multiple-Themed Phishing Emails

CVEs: CVE-2018-0802

Fortinet Blog →

Google Project Zero 📡 RSS Jan 29

Breaking the Sound Barrier, Part II: Exploiting CVE-2024-54529

CVEs: CVE-2024-54529 CVE-2025-31235

Google Project Zero →

Fortinet Blog 📡 RSS Jan 28

Unveiling the Weaponized Web Shell EncystPHP

CVEs: CVE-2025-64328

Fortinet Blog →

Mandiant Blog 📡 RSS Jan 27

Diverse Threat Actors Exploiting Critical WinRAR Vulnerability CVE-2025-8088

CVEs: CVE-2025-8088

Mandiant Blog →

Fortinet Blog 📡 RSS Jan 14

New Remcos Campaign Distributed Through Fake Shipping Document

CVEs: CVE-2017-11882

Fortinet Blog →

Recorded Future 📡 RSS Jan 13

December 2025 CVE Landscape: 22 Critical Vulnerabilities Mark 120% Surge, React2Shell Dominates Threat Activity

CVEs: CVE-2025-55182

Recorded Future →

ESET Research 📡 RSS Dec 22

Revisiting CVE-2025-50165: A critical flaw in Windows Imaging Component

CVEs: CVE-2025-50165

ESET Research →

Google Project Zero 📡 RSS Dec 16

Thinking Outside The Box [dusted off draft from 2017]

CVEs: CVE-2017-3558

Google Project Zero →

Mandiant Blog 📡 RSS Nov 10

No Place Like Localhost: Unauthenticated Remote Access via Triofox Vulnerability CVE-2025-12480

CVEs: CVE-2025-12480

Mandiant Blog →

Mandiant Blog 📡 RSS Oct 9

Oracle E-Business Suite Zero-Day Exploited in Widespread Extortion Campaign

CVEs: CVE-2025-61884

Mandiant Blog →

Mandiant Blog 📡 RSS Sep 3

ViewState Deserialization Zero-Day Vulnerability in Sitecore Products (CVE-2025-53690)

CVEs: CVE-2025-53690

Domains: asp.net

Mandiant Blog →