CVE-2022-0492 has been known since 2022 and is already catalogued in the CISA KEV; this alert repeats an established patching obligation without new exploit data or contextual information.
Gamaredon employs a multi-stage exploitation chain leveraging the WinRAR vulnerability to establish system fingerprinting and remote payload delivery, indicating escalation of Russian APT activity targeting Eastern Europe.
A memory corruption vulnerability in Windows drivers can be triggered via malformed trusted application requests, potentially enabling local privilege escalation.
Critical
CVSS
6.7
EPSS
0%
NEW lwxat (Chinese-speaking cybercriminal collective)
Organized Chinese-speaking cybercriminals operate BadIIS as a Malware-as-a-Service since at least 2021 with continuous evasion updates targeting security products such as Norton,a systemic threat to Windows Server environments in European manufacturing firms.
AI-driven ransomware toolkits with automated EDR evasion and AD reconnaissance represent a new class of threats capable of rendering traditional defenses obsolete through machine-learning-based evasion techniques.
BSI alerts to an RCE vulnerability in Microsoft SharePoint Server; as no CVE is specified, this may be a not-yet-publicly-disclosed or aggregated advisory.
An npm-based infostealer with over 100,000 downloads demonstrates active supply-chain risk through manipulated open-source packages that exfiltrate credentials and environment data from developers.
Kali365 operators have expanded their attack capabilities from pure Microsoft 365 phishing to AWS, Okta, and Russian platforms, using device-code phishing to bypass MFA.
BSI warns of a kernel vulnerability with local exploitability and potential arbitrary code execution that poses a risk to systems with uncontrolled local access.