LIVE THREAT INTELLIGENCE
[NVD/NIST] CVE-2025-29927 — Next.js Middleware Auth Bypass · All versions <15.2.3 affected (CRITICAL 9.1)
[AlienVault OTX] APT29 (Cozy Bear) — Active Spear-Phishing Campaign Targeting NATO Diplomats (CRITICAL 9.3)
[Recorded Future] Cl0p Ransomware — MOVEit-style Campaign Targeting MFT Solutions Globally (CRITICAL 9.5)
[Shodan] 22,000+ Redis Instances Exposed on Port 6379 — No Auth — Cryptominer Risk (HIGH 8.9)
[VirusTotal] CVE-2025-21298 — Windows OLE Remote Code Execution · CISA KEV Catalog Added (CRITICAL 9.8)
[Censys] 14,500+ Exposed Kubernetes API Servers Detected — Anonymous Access Enabled (HIGH 8.7)
[AlienVault OTX] FIN7 Carbanak Group — New JavaScript Backdoor Targeting Retail POS Systems (HIGH 8.4)
[NVD/NIST] CVE-2025-24813 — Apache Tomcat RCE via Partial PUT · Exploit Code Public (CRITICAL 9.8)
[Recorded Future] Dark Web Auction: 2.1M U.S. Healthcare Records Listed · PII + Insurance Data (HIGH 8.1)
[VirusTotal] Lumma Stealer v4.1 — New Evasion Bypass for Windows Defender SmartScreen (HIGH 8.6)
[NVD/NIST] CVE-2025-30065 — Apache Parquet RCE via Schema Parsing · CVSS Maximum Score (CRITICAL 10.0)
[Recorded Future] Salt Typhoon (China) — Telco Backdoors Persist in 3 U.S. Carriers Post-Disclosure (CRITICAL 9.2)
[VirusTotal] DragonForce Ransomware — New Affiliate Program Attracting LockBit Defectors (HIGH 8.5)
[Shodan] Citrix NetScaler Bleed (CVE-2023-4966) — 4,800 Unpatched Hosts Still Exploitable (CRITICAL 9.4)
[Censys] Ivanti Connect Secure 0-Day Chain — Nation-State Actor Exploitation Confirmed (CRITICAL 9.0)
[AlienVault OTX] BEC Surge Q1 2026 — $3.1B in Wire Fraud · AI Voice Cloning in Use (HIGH 7.9)

Live Intelligence

Global Threat Dashboard

Live Feed Active
🔴 Critical CVEs (24h): 14
🌐 Active Campaigns: 237
🛡️ Threats Blocked: 247,391
⚡ Avg Attack Duration: 4.3h

🌍 Global Attack Origins

Last 24 hours
TOP ORIGINS
🇨🇳 China 31%
🇷🇺 Russia 24%
🇺🇸 USA 12%
🇧🇷 Brazil 8%

📈 Attack Volume (7 Days)

[Chart: Attacks vs Blocked]

🔴 Live CVE Feed

8 CVEs
CVE | Type | Product | Status | CVSS
CVE-2025-0847 | RCE | Windows Kernel | Actively Exploited | 9.8
CVE-2025-1204 | Zero-Day | Chrome V8 Engine | Actively Exploited | 9.1
CVE-2025-0923 | Path Traversal | Apache HTTP Server | POC Available | 8.9
CVE-2025-1091 | Auth Bypass | OpenSSH 8.x | Patch Available | 8.7
CVE-2025-0761 | Priv Escalation | VMware vCenter | POC Available | 8.5
CVE-2025-1322 | RCE | Cisco IOS XE | Patch Available | 8.2
CVE-2025-0489 | XSS | WordPress Core | Patched v6.4.3 | 7.8
CVE-2025-1047 | DoS | NGINX 1.24 | Patch Available | 7.5

⚡ Active Incidents

6 Active
🔴 LockBit 3.0 Ransomware Campaign | Sector: Financial Services | 2 mins ago | Ongoing
🟠 APT29 Spear-Phishing — Government | Sector: Government | 14 mins ago | Ongoing
🔴 Credential Stuffing — Retail Platforms | Sector: Retail | 31 mins ago | Ongoing
🟡 DDoS Attack — EU Telecom | Sector: Telecom | 1 hr ago | Resolved
🟠 SQL Injection — Healthcare APIs | Sector: Healthcare | 2 hrs ago | Ongoing
🟡 BEC Wire Transfer Fraud Attempt | Sector: Financial | 4 hrs ago | Resolved

🎯 Attack Category Breakdown (30 Days)

Phishing & Social Engineering: 38%
Ransomware & Malware: 24%
DDoS Attacks: 18%
SQL Injection & Web Attacks: 12%
Credential Stuffing: 5%
Zero-Day Exploits: 3%