Sign in Subscribe

ThreatGrid Team

Cisco Secure Client Privilege Escalation (CVE-2025-31125): What You Need to Know

Cisco Secure Client Privilege Escalation (CVE-2025-31125): What You Need to Know

Cisco has patched a high-severity flaw in Secure Client for Windows that could let attackers gain SYSTEM privileges. CVE-2025-31125 is already being targeted in the wild, making rapid patching critical.

Critical Erlang OTP SSH Daemon Zero-Day Exploited in OT Networks (CVE-2025-32433)

Critical Erlang OTP SSH Daemon Zero-Day Exploited in OT Networks (CVE-2025-32433)

A severe remote code execution zero-day—CVE-2025-32433—has been actively exploited in critical infrastructure environments via Erlang’s OTP SSH daemon. Operators must patch immediately and monitor OT environments for signs of post-exploit activity.

Inside Ransomware-as-a-Service: How Affiliates and Developers Collaborate in the Shadows

Inside Ransomware-as-a-Service: How Affiliates and Developers Collaborate in the Shadows

Ransomware-as-a-Service has industrialized cybercrime, enabling affiliates to launch attacks with ease. Discover how this underground economy operates and what organizations can do to defend themselves.

Zero Trust in 2025: Building Resilient Architectures for Hybrid Cloud Environments

Zero Trust in 2025: Building Resilient Architectures for Hybrid Cloud Environments

Zero Trust is essential for securing today’s hybrid cloud environments. This article explores the core principles, challenges, and future trends driving Zero Trust adoption in 2025 and beyond.

The Rise of AI-Driven Phishing: How to Detect and Defend Against Deepfake Social Engineering

The Rise of AI-Driven Phishing: How to Detect and Defend Against Deepfake Social Engineering

AI-powered deepfake phishing attacks are becoming increasingly sophisticated, making it harder for individuals and organizations to detect fraud. Learn how to identify and defend against these next-generation social engineering threats.

Microsoft CLFS Zero-Day Under Active Exploitation — CVE-2025-29824

Microsoft CLFS Zero-Day Under Active Exploitation — CVE-2025-29824

A Windows kernel zero-day in the Common Log File System (CLFS) driver (CVE-2025-29824) has been exploited in the wild to escalate privileges and enable ransomware post-compromise activity. Microsoft patched the issue in April 2025 — apply updates and hunt for signs of post-exploit activity now.

WinRAR Zero-Day Exploited in Phishing Attacks (CVE-2025-8088)

WinRAR Zero-Day Exploited in Phishing Attacks (CVE-2025-8088)

A critical directory traversal zero-day in WinRAR (CVE-2025-8088) is now being weaponized via phishing emails to deploy RomCom malware silently. Immediate action is required to patch and monitor systems—usually the easiest way into an endpoint is a downloaded file, not a web exploit.