- Cyber Threat Intelligence, Vulnerability Notification
Monthly NDV – December/2025
The December NDV highlights the most critical and high-severity vulnerabilities, including actively exploited flaws in widely used technologies.
- Cyber Threat Intelligence, SEK Security Advisory
Critical vulnerability enables remote code execution in n8n via Git node manipulation
A critical flaw (CVE-2025-65964, CVSS 9.4) in n8n allows remote code execution by abusing Git Node configuration, letting attackers run malicious scripts on the host server.
- Cyber Threat Intelligence, SEK Security Advisory
Critical Fortinet vulnerabilities allow authentication bypass
Fortinet has patched two critical flaws (CVSS 9.8) that enable full authentication bypass via SAML response forgery in FortiOS.
- Cyber Threat Intelligence, SEK Security Advisory
Microsoft fixes actively exploited zero-day and 56 additional vulnerabilities in December Patch Tuesday
Microsoft’s December Patch Tuesday delivers fixes for 57 vulnerabilities, including an actively exploited zero-day (CVE-2025-62221) enabling SYSTEM-level privilege escalation.
- Cyber Threat Intelligence, SEK Security Advisory
SAP fixes critical vulnerabilities in the December 2025 Patch Day
SAP released patches for 14 flaws, including critical vulnerabilities enabling code execution and full system compromise in Solution Manager, Commerce Cloud, and jConnect, requiring urgent updates.
- Cyber Threat Intelligence, Intelligence Bulletin
Intelligence Brief – WhatsApp Malware in Brazil: Water Saci, Maverick & Coyote
Cybercriminals are using WhatsApp to deliver multi-stage malware designed to steal data and gain remote access.
- Cyber Threat Intelligence, Notificação de Vulnerabilidades OT/ICS
Monthly NDV OT-ICS – November/2025
An issue in Azure Front Door led to worldwide disruptions across Microsoft services, impacting applications relying on the platform.
- Cyber Threat Intelligence, Notificação de Vulnerabilidades OT/ICS
Monthly NDV – November/2025
See November’s most critical vulnerabilities and the urgent actions needed to reduce risk.
- Cyber Threat Intelligence, SEK Security Advisory
New Sha1-Hulud Wave Hits Over 25,000 Repositories via NPM Supply Chain
The new malware variant compromises thousands of npm repositories, stealing credentials and wiping directories if exfiltration fails.