Subscribe, build a custom feed, or pitch a sponsorship at hello@acadenix.com
Latest intel// live feed
CVE-2025-59007 — Deserialization: of Untrusted Data vulnerability in themesflat TF Woo Product Grid Addon For Elementor
Deserialization of Untrusted Data vulnerability in themesflat TF Woo Product Grid Addon For Elementor tf-woo-product-grid allows Object Injection.This issue affects TF Woo Product Grid Addon For Elementor: from n/a through <= 1.0.1. CVSSv3.1 9.8 (CRITICAL)
CVE-2025-58967 — Thememove Businext: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Businext businext allows PHP Local File Inclusion.This issue affects Businext: from n/a through < 2.4.4. CVSSv3.1 8.1 (HIGH)
CVE-2025-58963 — Upload: Unrestricted Upload of File with Dangerous Type vulnerability in 7oroof Medcity medcity allows Upload
Unrestricted Upload of File with Dangerous Type vulnerability in 7oroof Medcity medcity allows Upload a Web Shell to a Web Server.This issue affects Medcity: from n/a through < 1.1.9. CVSSv3.1 10.0 (CRITICAL)
CVE-2025-58958 — Thememove Smilepure: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove SmilePure smilepure allows PHP Local File Inclusion.This issue affects SmilePure: from n/a through < 1.8.5. CVSSv3.1 8.1 (HIGH)
CVE-2025-52758 — Upload: Unrestricted Upload of File with Dangerous Type vulnerability in Gesundheit Bewegt GmbH Zippy zippy
Unrestricted Upload of File with Dangerous Type vulnerability in Gesundheit Bewegt GmbH Zippy zippy allows Using Malicious Files.This issue affects Zippy: from n/a through <= 1.7.0. CVSSv3.1 9.1 (CRITICAL)
CVE-2025-49931 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Crocoblock JetSearch jet-search allows Blind SQL Injection.This issue affects JetSearch: from n/a through <= 3.5.10. CVSSv3.1 9.3 (CRITICAL)
CVE-2025-49916 — Authorization: Missing Authorization vulnerability in MultiVendorX MultiVendorX dc-woocommerce-multi-vendor allows Accessing Functionality Not Properly Constrained by
Missing Authorization vulnerability in MultiVendorX MultiVendorX dc-woocommerce-multi-vendor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects MultiVendorX: from n/a through <= 4.2.23. CVSSv3.1 8.6 (HIGH)
CVE-2025-49915 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows SQL Injection.This issue affects SMS Alert Order Notifications: from n/a through <= 3.8.5. CVSSv3.1 9.3 (CRITICAL)
CVE-2025-49380 — Deserialization: of Untrusted Data vulnerability in wpinstinct WooCommerce Vehicle Parts Finder woo-vehicle-parts-finder allows Object
Deserialization of Untrusted Data vulnerability in wpinstinct WooCommerce Vehicle Parts Finder woo-vehicle-parts-finder allows Object Injection.This issue affects WooCommerce Vehicle Parts Finder: from n/a through <= 3.7. CVSSv3.1 9.8 (CRITICAL)
CVE-2025-49378 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themefic Hydra Booking hydra-booking allows SQL Injection.This issue affects Hydra Booking: from n/a through <= 1.1.10. CVSSv3.1 8.5 (HIGH)
CVE-2025-48091 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Alexander AnyComment anycomment allows SQL Injection.This issue affects AnyComment: from n/a through <= 0.3.6. CVSSv3.1 8.5 (HIGH)
CVE-2025-56447 — TM2: Monitoring v3.04 contains an authentication bypass and plaintext credential disclosure.
TM2 Monitoring v3.04 contains an authentication bypass and plaintext credential disclosure. CVSSv3.1 9.8 (CRITICAL) · EPSS 24th percentile
Pwn2Own Ireland 2025 - Day Two Results
Pwn2Own Ireland 2025 Day Two concluded with 56 unique 0-day vulnerabilities disclosed across IoT, mobile, and network appliances, awarding $792,750 total. Notable exploits included a Samsung Galaxy S25 RCE chain (5 bugs, $50k), multiple printer/bridge buffer overflows, and an auth-bypass leading to root on Synology NAS. The Summoning Team maintains the Master of Pwn lead heading into Day Three, with a high-value WhatsApp exploit pending.
The Rise of Collaborative Tactics Among China-aligned Cyber Espionage Campaigns
Trend Micro Research documents a novel collaborative model between China-aligned APT groups Earth Estries and Earth Naga, termed "Premier Pass-as-a-Service," where Earth Estries acts as an access broker providing direct network access to Earth Naga for continued exploitation. The report details a Southeast Asian government compromise (January–March 2025) involving CrowDoor, ShadowPad, Cobalt Strike, and post-exploitation tools, and introduces a four-tier framework categorizing APT collaboration types from loose coordination to advanced operational-box provisioning.
CVE-2025-11151 — Exposure: of Sensitive Information to an Unauthorized Actor, Exposure of Sensitive System Information to
Exposure of Sensitive Information to an Unauthorized Actor, Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Beyaz Bilgisayar Software Design Industry and Trade Ltd. Co. CityPLus allows Detect Unpublicized Web Pages. This issue affects CityPLus: before V24.29500.1.0. CVSSv3.1 8.2 (HIGH) · EPSS 14th percentile
Pwn2Own Ireland 2025: Day One Results
Pwn2Own Ireland 2025 Day One concluded with 17 successful exploit attempts across 34 unique vulnerabilities, awarding $522,500 in prizes. Researchers demonstrated exploits against network appliances and IoT devices including HP printers, Canon multifunction devices, Synology NAS systems, QNAP storage, Philips Hue bridges, Sonos speakers, and Home Assistant Green, using techniques ranging from stack/heap overflows to SSRF, command injection, and auth bypass chains.
Fast, Broad, and Elusive: How Vidar Stealer 2.0 Upgrades Infostealer Capabilities
Trend Micro Research disclosed technical analysis of Vidar Stealer 2.0, released October 6, 2025, featuring a complete C-language rewrite, multithreaded architecture, and novel Chrome AppBound encryption bypass via direct memory injection. The malware targets credentials across browsers, cloud services, cryptocurrency wallets, gaming platforms, and communication apps, with activity spiking as threat actors migrate from declining Lumma Stealer operations.
Microsoft Windows Cloud Files Minifilter TOCTOU Privilege Escalation
Microsoft patched CVE-2025-55680, a time-of-check-time-of-use (TOCTOU) race condition in the Cloud Files Minifilter driver (cldflt.sys) discovered in March 2024. The vulnerability exists in HsmpOpCreatePlaceholders() where a filename validation check for backslash and colon characters can be bypassed by modifying a mapped userspace buffer between validation and file creation, allowing arbitrary file creation anywhere on the system via DLL side-loading for privilege escalation.
CVE-2025-56224 — Ascertia Signinghub: A lack of rate limiting in the One-Time Password (OTP) verification endpoint of SigningHub
A lack of rate limiting in the One-Time Password (OTP) verification endpoint of SigningHub v8.6.8 allows attackers to bypass verification via a bruteforce attack. CVSSv3.1 8.1 (HIGH) · EPSS 37th percentile
ADCollector — A lightweight tool to quickly extract valuable information from the Active Directory environment for both attacking and
ADCollector is a C# enumeration tool designed to rapidly extract attack-relevant information from Active Directory environments, including domain trusts, privileged accounts, delegation configurations, ADCS settings, and ACL misconfigurations. The tool focuses on identifying high-value targets and attack vectors without the overhead of comprehensive enumeration, complementing PowerView for initial reconnaissance phases.
CVE-2025-56218 — Ascertia Signinghub: An arbitrary file upload vulnerability in SigningHub v8.6.8 allows attackers to execute arbitrary code
An arbitrary file upload vulnerability in SigningHub v8.6.8 allows attackers to execute arbitrary code via uploading a crafted PDF file. CVSSv3.1 9.8 (CRITICAL) · EPSS 47th percentile
CVE-2025-57567 — RCE: A remote code execution (RCE) vulnerability exists in the PluXml CMS theme editor, specifically
A remote code execution (RCE) vulnerability exists in the PluXml CMS theme editor, specifically in the minify.php file located under the default theme directory (/themes/defaut/css/minify.php). An authenticated administrator user can overwrite this file with arbitrary PHP code via the admin panel, enabling execution of system commands. CVSSv3.1 9.1 (CRITICAL) · EPSS 55th percentile
Small Actions, Big Breaches: The Silent Offensive Against Your data
Bishop Fox's Enterprise AI and SaaS Data Security Report reveals that 77% of employees paste sensitive data into unmanaged generative-AI tools, with 82% using personal accounts and 39% uploading files containing PII/PCI. The research reinforces that human behavior—not advanced exploits—remains the primary breach vector, with 60% of breaches involving user error or misuse per Verizon DBIR data.
CVE-2025-11849 — Versions of the package mammoth from 0.3.25 and before 1.11.0; versions of the package
Versions of the package mammoth from 0.3.25 and before 1.11.0; versions of the package mammoth from 0.3.25 and before 1.11.0; versions of the package mammoth before 1.11.0; versions of the package org.zwobble.mammoth:mammoth before 1.11.0 are vulnerable to Directory Traversal due to the lack of path or file type validation when processing a docx file containing an image with an external link (r:link attribute instead of embedded r:embed). The library resolves the URI to a fil CVSSv3.1 9.3 (CRITICAL) · EPSS 46th percentile
CVE-2025-10850 — Felan: The Felan Framework plugin for WordPress is vulnerable to improper authentication in versions up
The Felan Framework plugin for WordPress is vulnerable to improper authentication in versions up to, and including, 1.1.4. This is due to the hardcoded password in the 'fb_ajax_login_or_register' function and in the 'google_ajax_login_or_register' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, if they registered with facebook or google social login and did not change their password. CVE-2025-23504 is likely a duplica CVSSv3.1 9.8 (CRITICAL)