A newly discovered and actively exploited local privilege escalation vulnerability in VMware Tools and Aria Operations, tracked as CVE-2025-41244, has been leveraged as a zero-day since mid-October 2024. The exploitation has been attributed to UNC5174, a China-linked advanced persistent threat (APT)

SecPod

08.10.2025

Under Medusa's Gaze: GoAnywhere Zero-Day Powers Ransomware Attacks - SecPod Blog

Executive Summary A critical deserialization vulnerability in Fortra GoAnywhere MFT (CVE-2025-10035 , with a CVSS score of 10.0) has been actively exploited by a Medusa ransomware affiliate tracked as Storm-1175 to gain unauthenticated remote code execution against internet-exposed Admin Consoles

SecPod

08.10.2025

CVE-2025-61882: Why Clop’s Latest Oracle EBS Strike Should Scare You - SecPod Blog

Oracle E-Business Suite (EBS), a comprehensive suite of enterprise resource planning (ERP) applications, is integral to managing core business operations for numerous organizations worldwide. It handles critical functions across finance, HR, and supply chain management. Recently, a critical zero-

SecPod

08.10.2025

Zimbra Zero-Day Exploitation Vector: Malicious ICS Files Targeting Brazil’s Military - SecPod Blog

The discovery and exploitation of CVE-2025-27915, a stored cross-site scripting (XSS) vulnerability in Zimbra Collaboration Suite (ZCS), underscores the persistent threat posed by input sanitization flaws in widely used enterprise software. This now-patched zero-day vulnerability was actively exploi

home›SecPod

SecPod

Software

China-Linked APT Exploits VMware Zero-Day Vulnerability Active Since October 2024 - SecPod Blog

Under Medusa's Gaze: GoAnywhere Zero-Day Powers Ransomware Attacks - SecPod Blog

CVE-2025-61882: Why Clop’s Latest Oracle EBS Strike Should Scare You - SecPod Blog

Zimbra Zero-Day Exploitation Vector: Malicious ICS Files Targeting Brazil’s Military - SecPod Blog

home
›
SecPod