May 2025 – Page 4 – TheCyberThrone

CISA Adds Microsoft and SAP NetWeaver Zero-Day to KEV Catalog

The Cybersecurity and Infrastructure Security Agency (CISA) has recently expanded its Known Exploited Vulnerabilities (KEV) Catalog, adding multiple Microsoft Patch Tuesday vulnerabilities and a critical zero-day flaw in SAP NetWeaver.…

PravinKarthik May 16, 2025

CVE-2025-22462 Critical Auth Bypass Flaw in Ivanti Neurons for ITSM

CVE-2025-22462 is a critical authentication bypass vulnerability affecting on-premises instances of Ivanti Neurons for ITSM, a widely used IT service management (ITSM) platform. This flaw allows unauthenticated remote attackers to…

PravinKarthik May 15, 2025

CVE-2025-32756 Critical RCE in Fortinet Products

CVE-2025-32756 is a critical stack-based buffer overflow vulnerability affecting multiple Fortinet products, including FortiVoice, FortiMail, FortiNDR, FortiRecorder, and FortiCamera. This flaw allows unauthenticated remote attackers to execute arbitrary code or…

PravinKarthik May 15, 2025

SAP Patch Tuesday May 2025

SAP has released its May 2025 Patch Tuesday security updates, addressing 16 newly identified vulnerabilities and providing updates to two previously published security notes. These patches cover SAP NetWeaver, SAP…

PravinKarthik May 14, 2025

Microsoft Patch Tuesday May 2025

Microsoft has released its May 2025 Patch Tuesday updates, addressing 78 security vulnerabilities, including five actively exploited zero-day flaws. These updates cover Windows, Microsoft Office, Azure, Visual Studio, and other…

PravinKarthik May 14, 2025

PumpkinStealer Malware Detailed out

A newly discovered information-stealing malware, known as PumpkinStealer, has surfaced as a significant cybersecurity threat, specifically targeting Windows users. Written in C# using the .NET framework, this malware is designed…

PravinKarthik May 13, 2025

Google to Pay Texas $1.4 Billion in Landmark Privacy Settlement

Google has agreed to pay $1.4 billion to the state of Texas to settle allegations that it collected users’ data without permission, marking one of the largest privacy settlements in…

PravinKarthik May 12, 2025

Ascension Healthcare Data Breach

Ascension Healthcare, one of the largest private healthcare systems in the United States, has confirmed a major data breach affecting over 430,000 patients. The breach, first detected in December 2024,…

PravinKarthik May 11, 2025