Technical analysis, security advisories, and proactive vulnerability management
Welcome to the Vulnerabilities & Alerts section, dedicated to technical threat monitoring, reporting of critical CVEs, active exploits, and cyber risk management.
📌 This page centralizes high-severity vulnerability analyses, mitigation recommendations, and security advisories from CERTs, vendors, and the cybersecurity community.
🔍 Here’s what you’ll find:
- High-risk vulnerability advisories (CVSS ≥ 8)
- Exploitation analyses (PoC, payloads, abuse context)
- Vulnerabilities actively exploited by APTs or ransomware
- CTI correlations (groups, campaigns, infrastructures)
- Detection mechanisms (Snort, YARA, Sigma, Suricata)
- Mitigation strategies in critical environments
- Urgent alerts from CERT-FR, CISA, NVD, Microsoft, etc.
- Patch management roadmaps
- …
📚 Available articles:
2025
- UAC-0239 Conducts Cyberattacks in Ukraine Using the OrcaC2 Framework and FILEMESS Stealer
- Red Hat data breach: analysis for CISOs, CERTs, CSIRTs and SOC teams
- FBI Alert: Malicious Activities by UNC6040 and UNC6395 Targeting Salesforce
- Microsoft September 2025 Patch Tuesday
- Massive npm Package Compromise Aimed at Stealing Cryptocurrency
- Salesloft Breach: More Than 700 Companies Impacted by the Attack
- CVE-2025-7775 – Memory Overflow Vulnerability in Citrix NetScaler
- CISA Vulnerability Summary – Week of July 21, 2025
- Cyberattacks by Group UAC-0001 (APT28) Targeting Gov. Institutions BEARDSHELL and COVENANT
- CISA Weekly Vulnerability Summary – Week of July 14, 2025