Alexander Leonov Profile
Alexander Leonov

@leonov_av


Vulnerability assessment, *nix security, compliance management, security automation

Joined September 2011
@leonov_av
Alexander Leonov
6 days
Statistics on 2024 trending vulnerabilities were featured in the OIC-CERT annual report. 🎉 I’m glad my work contributed to promoting #PTESC and #PositiveTechnologies among national CERTs and key decision-makers! 😉 #TrendVulns #OIC #OICCERT.➡️
@leonov_av
Alexander Leonov
11 days
August #Microsoft Patch Tuesday. A total of 132 vulnerabilities, 20 fewer than in July. Three are actively exploited, including two related to the trending #SharePoint "ToolShell" flaw, exploited since July 17. #Vulristics #PatchTuesday #Windows.➡️
@leonov_av
Alexander Leonov
12 days
July "In the Trend of VM" (# 18): vulnerabilities in Microsoft Windows and SharePoint. Two vulnerabilities this month. #TrendVulns #PositiveTechnologies #Microsoft #Windows #SharePoint #EyeSecurity #ToolShell #wuauserv #StorageSense.➡️
@leonov_av
Alexander Leonov
18 days
About the Elevation of Privilege in Windows Update Service (CVE-2025-48799) from July’s Microsoft Patch Tuesday. Researcher @filip_dragovic (Wh04m1001) published an exploit on July 8, the same day as the MSPT. #Microsoft #Windows #wuauserv #StorageSense.➡️
@leonov_av
Alexander Leonov
20 days
🆕 #Qualys has introduced #AgenticAI. Cyber Risk Agents not only detect issues and provide analytics, but also autonomously identify critical risks, prioritize them, and launch targeted remediation workflows. ➡️
@leonov_av
Alexander Leonov
24 days
July Linux Patch Wednesday: 470 vulns, 291 in the Kernel. One is exploited in the wild, 36 (❗️) have public or suspected exploits. #LinuxPatchWednesday #Vulristics #Linux #Sudo #jQuery #Chromium #CISAKEV #Redis #pgAdmin #Git #PHP #LuaJIT.➡️
@leonov_av
Alexander Leonov
1 month
🚨 CVE-2025-53770 ("ToolShell") - a critical RCE flaw in Microsoft SharePoint - is being actively exploited; public PoC released July 21. Patch immediately. #Microsoft #SharePoint #ToolShell #EyeSecurity .➡️
@leonov_av
Alexander Leonov
1 month
July "In the Trend of VM" (# 17): vulnerabilities in Microsoft Windows and Roundcube. A traditional monthly roundup. This time, only three trending vulnerabilities. 🙂 #TrendVulns #PositiveTechnologies #URLfile #SMB #Microsoft #Windows #Roundcube .➡️
@leonov_av
Alexander Leonov
1 month
🚨 CVE-2025-33053: RCE via .url files exploited in the wild since March by Stealth Falcon; Check Point dropped details on Patch Tuesday; exploits released on GitHub. #URLfile #CheckPoint #Microsoft #Windows #StealthFalcon #WebDAV.➡️
@leonov_av
Alexander Leonov
1 month
RCE in Roundcube (CVE-2025-49113): 10 years in the code, public exploit since June 5, real attacks confirmed. Patch now! #Roundcube #FearsOff.➡️
@leonov_av
Alexander Leonov
1 month
July Microsoft Patch Tuesday: 152 vulnerabilities — double June's count, including 15 added between the June and July MSPT. One exploited in the wild; one with a GitHub exploit. #Vulristics #PatchTuesday #Microsoft #Windows.➡️
@leonov_av
Alexander Leonov
1 month
CVE-2025-33073: Win SMB Client EoP vuln (SYSTEM via connection to malicious SMB server) - patch now, enforce SMB signing, public exploits out, not yet seen in the wild. #Microsoft #Windows #SMB #NTLMreflection #Kerberos #Synacktiv #RedTeamPentesting.➡️
@leonov_av
Alexander Leonov
2 months
June Linux Patch Wednesday: 598 vulnerabilities, including 355 in the Linux Kernel. Exploited in the wild: 3 (CISA KEV). Public exploits available for 40 (❗️) vulnerabilities. #LinuxPatchWednesday #Vulristics #Linux #Roundcube #libblockdev #Chromium.➡️
@leonov_av
Alexander Leonov
2 months
I added support for ALT Linux OVAL content in Linux Patch Wednesday. Now I track when specific CVEs were fixed in ALT Linux packages and take that into account when generating the monthly bulletins. #ALTLinux #LinuxPatchWednesday #OVAL.➡️
@leonov_av
Alexander Leonov
3 months
June Microsoft Patch Tuesday. A total of 81 vulnerabilities. Among them, 15 vulnerabilities were added between the May and June MSPT. There are 3 vulnerabilities with signs of exploitation in the wild. #Vulristics #PatchTuesday #Microsoft #Windows.➡️
@leonov_av
Alexander Leonov
3 months
About Elevation of Privilege - Microsoft DWM Core Library (CVE-2025-30400) vulnerability. There is currently one GitHub repository with a PoC, but its functionality is highly questionable. 🤔 #DWM #Microsoft #Windows .➡️
@leonov_av
Alexander Leonov
3 months
About Elevation of Privilege - Windows CLFS Driver (CVE-2025-32701, CVE-2025-32706) vulnerabilities. No public exploits or exploitation details yet. 🤷‍♂️ But these vulns are likely being used in ransomware attacks. #Microsoft #Windows #CLFS.➡️
@leonov_av
Alexander Leonov
3 months
Cross Site Scripting - Zimbra Collaboration (CVE-2024-27443) vulnerability. ESET discovered attacks in 2024 but only disclosed this on May 15, 2025. #Zimbra #ESET.➡️
@leonov_av
Alexander Leonov
3 months
MDaemon patched CVE-2024-11182 (reported by ESET) in version 24.5.1 (Nov 14, 2024). Yet ESET only disclosed on May 15, 2025, that the vulnerability had been exploited in the wild from the start. 🤷‍♂️ #MDaemon #ESET .➡️
@leonov_av
Alexander Leonov
3 months
Vulnerabilities of Western logistics. Patches, exploits, and signs of in-the-wild exploitation have been available for years for these vulnerabilities. 🤦‍♂️🤷‍♂️ #FiveEyes #Outlook #Cybercube #WinRAR .➡️