版权说明:本文档由用户提供并上传,收益归属内容提供方,若内容存在侵权,请进行举报或认领
文档简介
GLOBALCYBERSECURITYREPORT
2025
2
GLOBALCYBERSECURITYREPORT
ExecutiveSummary3
InitialAccessesonSale
4
NotableAccessesonSale
6
JakartaTransportOperatorTargetedinAllegedDataBreach
6
ThreatActorSoldAllegedAccesstoAngolanGovernmentPortal
6
ItalianPoliceDepartment’sAllegedEmailAccessForSale
6
AllegedVPNAccesstoIndonesianStateFirmandAgribusinessGiant
7
ThreatActorSellsAllegedAccesstoMajorPeruvianPoultryFirm
7
DataBreachesandLeaks
8
NotableDataBreachesandLeaks
10
FrenchSportsUnionHitByMajorDataBreach
10
FOGRansomwareLeaksGitLabSourceCodeofGlobalOrganizations
10
DataofFrenchInsuranceBrokerLeakedOnline
10
136GBofDatafromArgentinianPetroleumFirm
11
RansomwareAttacks
12
CriticalVulnerabilitiesobservedasZerodaysandCISAKEV
18
KnownExploitedVulnerabilities
18
Zero-DayVulnerabilities
21
Hacktivism
23
IndustryInsightsandAnalysis
26
Conclusion
31
KeyTakeaways32
©2025CybleInc.Allrightsreserved.
3
GLOBALCYBERSECURITYREPORT
十十
Executive
++++
Summary
Cyble’sGlobalCybersecurityReportbringstolightspecificcyberthreatactivitytargetingWorldwidefromJanuary2025toNovember2025.
andthesaleofinitialaccess,withQilinemergingasthemostprolificransomwareoperator
Thethreatlandscapewascharacterizedbyahighvolumeofransomwareattacks,databreaches,
dayexploitsforhigh-impactcampaigns.
targetingthemanufacturingandconstructionsectors,whilegroupslikeCL0Pleveragedzero-
affectingtheretailindustry,anddatabreachesprimarilytargetinggovernmentandBFSIentities,
Illicitmarketsshowedastrategicfocus,withcompromisedaccesssalesdisproportionately
allfacilitatedbyafragmentedlandscapeofthreatactors.
appliancesandenterprisesoftwarefromvendorslikeFortinet,Ivanti,andMicrosoftservedasa
Persistentexploitationofhigh-severityandzero-dayvulnerabilitiesinnetworksecurity
primaryinitialaccessvector.
athrivingecosystemofcybercrime-as-a-serviceplatformsenablingfinanciallymotivated
GeopoliticallymotivatedhacktivismdrovewidespreadDDoSattacksanddataleaks,alongside
attacks.Notableincidentsshowcasedthesevereriskposedbystate-sponsoredactors
conductingsupplychainattacksandespionageoperationsagainstgovernmentandcritical
infrastructure.
exploitedvulnerabilities,theimplementationofnetworksegmentationtolimitlateralmovement,
Recommendedmitigationstrategiesemphasizetheprioritizationofrapidpatchingforknown
andenhancedmonitoringtodetectandrespondtocompromises.
Fig1:CybercrimeIncidents
©2025CybleInc.Allrightsreserved.
4
GLOBALCYBERSECURITYREPORT
InitialAccesses
++++
++
onSale
AnalysisoftheOverallThreatActivity
In2025,CybleResearchandIntelligenceLabsobserved3013incidentsrelatedtothesaleof
compromisedaccessoncybercrimeforums.
Thedistributionoftheseincidentsrevealsaconcentratedfocusonspecificindustries,with
theRetailsectorbeingthemostprominenttarget,accountingfor594incidents,ornearly20%
ofthetotal.Thisfigureismorethandoublethatofthenextmostimpactedsector,Banking,
FinancialServices,andInsurance(BFSI),whichsaw284incidents,followedbyGovernment
&LawEnforcementAgencieswith175incidents.Together,thesetopthreesectorsconstitute
approximately35%ofallobservedaccesslistings.
Thisstrategictargetingshowsthreatactors’prioritizationofindustriesrichwithmonetizabledata;RetailforitsvaststoresofconsumerPIIandpaymentinformation,BFSIfordirectaccesstofinancialassets,andGovernmententitiesforsensitivestateandintelligencedata.
Thesaleofsuchaccesssignificantlyelevatestheriskofsubsequentlarge-scaledatabreaches,
financialfraud,andpotentialthreatstonationalsecurity.Ultimately,thedisproportionateimpact
ontheRetail,BFSI,andGovernmentsectorsunderscoresapersistentcybercriminalfocuson
compromisingdata-richenvironmentsformaximumillicitgain.
Fig2:CompromisedAccessesAcrossIndustries
©2025CybleInc.Allrightsreserved.
5
GLOBALCYBERSECURITYREPORT
Analysisofthecompromisedaccessmarketin2025revealedahighlyactivelandscape.
Themostprolificthreatactorsbypostvolumewere‘professorkliq’(55posts),‘cosmodrome’
(49posts),and‘reve’(45posts).Despitetheactivityofthesetopsellers,themarketshowsa
significantlackofcentralization.Thethreemostactiveactorscombinedwereresponsiblefor
justover5%ofthetotalobservedpostssellingcompromisedaccess.
Thislowconcentrationindicatesamarketcharacterizedbymanyindependentandopportunistic
sellersratherthanonedominatedbyafewestablishedplayers,pointingtoalowbarrierof
entryfornewthreatactorsintothisilliciteconomy.
Fig3:ActiveThreatActorsSellingCompromisedAccess
©2025CybleInc.Allrightsreserved.
6
GLOBALCYBERSECURITYREPORT
+
NotableAccesses
++++
onSale
JakartaTransportOperatorTargetedinAllegedDataBreach
OnJune19,thethreatactor‘xanozore’advertiseddataallegedlystolenfromPTMassRapidTransitJakartaontheDarkforumscybercrimemarketplace.Theactorclaimedtohaveaccessedinternaldata,includinginformationfromtheelectronicticketingsystem(ETC),andoffereditforsalewithoutspecifyingaprice.Tosubstantiatetheirclaims,thethreatactorsharedsamplescontaininganemployeesalaryslip,aprocurementcontract,andscreenshotsofaninternalsystemdashboard.‘xanozore’isanewlyregistereduserontheforum,andassuch,theircredibilityhasnotyetbeenestablished.
ThreatActorSoldAllegedAccesstoAngolanGovernmentPortal
AroundJune22,thethreatactor‘darksidebases’advertisedthesaleofunauthorizedaccesstoadocumentmanagementportalallegedlybelongingtotheAngolangovernmentonacybercrimeforum.Thethreatactorclaimedtheportalcontainedapproximately200,000internaldocuments.Tosubstantiatetheirclaim,theactorsharedsamples,includingscannedcopiesofformalcommunicationsbetweenvariousgovernmentdepartments,suchastheOfficeoftheOmbudsmanandtheMinisterofJusticeandHumanRights,datedJune11,2025.Theleakeddocumentsalsocontainedcorrespondencerelatedtoanidentitycarduniversalizationcampaignandwhatappearedtobenationalidentitycards.Aspecificpricefortheaccesswasnotmentionedintheadvertisement.
ItalianPoliceDepartment’sAllegedEmailAccessForSale
AroundMarch26,thethreatactor‘empathy’advertisedallegedunauthorizedaccesstoanemailaccountbelongingtoanofficialoftheItaly’snationalpoliceforce,onnuovoBreachForums.ThethreatactorlistedtheaccessforUSD70,withapreferenceforpaymentinMonero(XMR),andprovidedascreenshotfromthecompromisedmailboxasproof.Thescreenshotcontainedseveralemailsfromaccountsassociatedwiththeofficialdomain.Asimilarofferbyadifferentthreatactorinthepasthasbeenobserved.
©2025CybleInc.Allrightsreserved.
7
GLOBALCYBERSECURITYREPORT
AllegedVPNAccesstoIndonesianStateFirmandAgribusinessGiant
InearlyNovember2025,athreatactoridentifiedas“GmXstm”advertisedthesaleofunauthorizedinitialaccesstotheVPNsystemsoftwoprominentorganizationsontheDarkForumscybercrimesite.TheactorclaimedtobesellingaccesstoanIndonesianstate-ownedholdingcompany,andtheIndonesianbranchofaSingapore-headquarteredglobalagribusinessfirm.Thelistingsspecifiedthattheaccesspointswerethecompanies’respectivePaloAltoNetworksGlobalProtectVPNportals.Thethreatactor,anewforummember,didnotprovideanyproof-of-compromisetosupporttheirassertions,leavingtheclaimsunverified.
ThreatActorSellsAllegedAccesstoMajorPeruvianPoultryFirm
AroundMay31,threatactor‘RedTeam’offeredunauthorizedaccesstoaPeruvianpoultrycompanyforsaleontheXSScybercrimeforum.Theactor’spostclaimedthetargetorganizationhasanannualrevenueofUSD240millionand1,470employees,detailswhichsuggestthevictimmaybetheprominentPeruvianmeatproducer.Asimilaradvertisementwasmadebytheprobableaffiliatehandle‘cyber_red’ontheExploitforum.Insteadofafixedprice,thesellerwasseekingapercentageoftheprofitsfromabuyer’ssubsequentsuccessfulexploitation.Thethreatactor’sclaimsremainunconfirmed,asnoproofofcompromisewassharedinthepost.
©2025CybleInc.Allrightsreserved.
8
GLOBALCYBERSECURITYREPORT
+
DataBreaches
andLeaks
AnalysisoftheOverallThreatActivity
In2025,CybleResearchandIntelligenceLabs(CRIL)observed6046incidentsrelatedtodatabreachesandleaksworldwide.
TheGovernment&LawEnforcementAgency(LEA)sectorwastheprimarytarget,accounting
for998incidents,orapproximately16.5%ofthetotal.Followingclosely,theBanking,Financial
Services,andInsurance(BFSI)sectorexperienced634incidents,representingnearly10.5%ofall
observedbreaches.Combined,thesetwosectorsconstitutedoveraquarterofalldatabreach
incidents,indicatingthreatactors’concentratedeffortstoaccesshigh-valuetargets.Thisfocus
likelyreflectsadualmotivation:theexfiltrationofsensitivecitizenPIIandnationalsecuritydata
fromgovernmententitiesforespionageordisruption,andthedirectpursuitoffinancialgain
throughthetheftofcustomerfinancialrecordsfromtheBFSIsector.
Thethreatlandscapewasthusoverwhelminglydominatedbybreachesaimedatpublicsector
institutionsandthefinancialindustry,underscoringtheirpersistentappealtocybercriminals.
Fig4:DataBreachesAcrossIndustries
©2025CybleInc.Allrightsreserved.
9
GLOBALCYBERSECURITYREPORT
Analysisofthreatactoractivityrevealedthat‘chucky_bf’(91posts),‘n1ka’(86posts),and‘lcap0ne’
(62posts)werethemostprolificindividualsadvertisingdatabreachesandleaksbetween
JanuaryandNovember2025.Thesetop-tieractorsrepresentasignificantconcentrationof
activity,establishingthemselvesaskeyplayersinthedatacompromiseecosystem.
Asecondarygroupofnotableactors,including‘sentap,’‘digitalghost,’and‘kazu,’also
demonstratedconsistentactivity,albeitatalowervolume.Beyondtheseprominentfigures,
thedataindicatesahighlyfragmentedlandscapecharacterizedbya‘longtail’ofhundredsof
threatactorswithminimalpostcounts.Thisdistributionmodelsuggeststhedataleakmarket
issustainedbybothestablished,high-volumedatabrokersandavast,fluctuatingnumberof
opportunisticparticipants,highlightingalowbarriertoentryandapersistentlyactivethreat
environment.
Fig5:ActiveThreatActorsSellingDataBreaches
©2025CybleInc.Allrightsreserved.
10
GLOBALCYBERSECURITYREPORT
++++++
++++
++
NotableDataBreachesandLeaks
FrenchSportsUnionHitByMajorDataBreach
Inmid-March2025,thethreatactorvorvitz_5advertiseddatabasesallegedlybelongingto
France’snationalsportsuniononacybercrimeforum.Theactorleakedonedatabasecontaining
recordsof7.7millionindividuals,includingfieldssuchasnames,phonenumbers,andinstitute
details.
Aseconddatabase,containingsensitiveinformationfrom10,500Frenchschools,wasoffered
forsale.Thisfor-saledatapurportedlyincludesschoolSIRETnumbers,contactdetailsforheads
ofestablishment,andfinancialinformationlikeIBANandBICnumbers.Thethreatactordidnot
publiclystateaprice,invitingpotentialbuyerstomakeaprivateoffer.
FOGRansomwareLeaksGitLabSourceCodeofGlobalOrganizations
InearlyFebruary2025,theFOGransomwaregroupleaked5GBofsourcecodepervictimallegedly
stolenfromtheGitLabrepositoriesofsixorganizations.Thedatawaspublishedviatorrentlinks
onthegroup’sleaksite,impactingentitiesintheIT,scientificresearch,andacademicsectors
acrossIndonesia,Germany,Egypt,Sweden,andtheNetherlands.Thethreatactoralsoclaimed
topossessstolensourcecodefromanadditionalsixorganizationslocatedinCambodia,Brazil,
Germany,France,andIsrael.ThespecificmethodusedtocompromisetheGitLabrepositories
hasnotbeendisclosed.
DataofFrenchInsuranceBrokerLeakedOnline
InlateFebruary2025,thethreatactor‘Lanvin’postedadatabaseonthenuovoBreachForums
allegedlystolenfromaprominentFrenchinsurancebrokeragefirm.Theactorclaimedtohave
exfiltratedthedataduringthesamemonth.Theleakeddatabasereportedlycontains67,000
records,exposingasignificantvolumeofsensitivepersonalandfinancialinformation,including
fullnames,birthdates,phonenumbers,emailaddresses,physicaladdresses,employment
status,maritaldetails,andbankdetails.
©2025CybleInc.Allrightsreserved.
11
GLOBALCYBERSECURITYREPORT
136GBofDatafromArgentinianPetroleumFirm
AroundJune15,threatactor‘Sentap’advertisedasignificantdataleakontheRussian-languageExploitcybercrimeforum.Theactorclaimedtobesellingapproximately136GBofsensitivedataallegedlyexfiltratedfromanArgentina-basedpetroleumandservicescompany.Thestoleninformationreportedlyincludesawiderangeofoperationalandbusinessdatasuchascontractdetails,revenuedocuments,financialforecasts,fueldistributionlogistics,oilwastemanagementcertificates,andlegaldocuments.Sentaplistedthedata,availableinPDF,XLSX,andCSVformats,foranaskingpriceofUSD12,000,payableinBitcoinorMonero.Tosubstantiatetheirclaims,thethreatactorprovidedsampledocuments,includingaprovisionalregistrationproofandaletterfromcompanymanagement.
©2025CybleInc.Allrightsreserved.
12
GLOBALCYBERSECURITYREPORT
++++++
+
RansomwareAttacks
十十十+++
2025witnessedarelentlessandevolvingransomwarelandscape,withCybleobserving
astaggering5,967attacksglobally.Thisperiodwascharacterizedbyasignificantpower
shiftamongthreatactors,thecontinueddominanceofthedoubleextortionmodel,andan
unwaveringfocusonindustrieswithlowtoleranceforoperationaldowntime.
ThethreatlandscapewasoverwhelminglydominatedbytheAkiraransomwaregroup,which
wasresponsibleforanunprecedentedvolumeofattacks,fillingthevoidleftbythedeclineof
previouslyprominentplayers.Concurrently,theCL0Pransomwaregangexecutedamassive,
short-durationcampaignearlyintheyear,reaffirmingthehigh-impactthreatposedbyzero-
dayvulnerabilityexploitation.ThemosttargetedsectorswereManufacturingandConstruction,
highlightingthreatactors’strategyofdisruptingcriticalphysicaloperationstomaximize
leverage.
OverallActivityandKeyTrends
The5,967incidentsrecordedin2025underscorethepervasiveandindustrializednatureof
theRansomware-as-a-Service(RaaS)model.Theprimarytacticremainsdoubleextortion,
wherethreatactorsexfiltratesensitivedatabeforeencryptingsystems.Thisstolendatais
thenpublishedondedicatedDataLeakSites(DLS)topressurevictimsintopayingtheransom,
effectivelyweaponizingtheirreputationalandregulatoryrisk.
Fig6:WorldwideRansomwareAttackNumbers2025
©2025CybleInc.Allrightsreserved.
13
GLOBALCYBERSECURITYREPORT
Akeytrendobservedisthefragmentationandrealignmentoftheecosystem.Thenotable
absenceoftheonce-dominantLockBitgangfromourobservedincidentssuggeststhatlaw
enforcementdisruptionsinpreviousyearshavecreatedapowervacuum,whichopportunistic
andhighlycapablegroupslikeQilinandAkirahaveaggressivelyexploited.
DominantThreatActors
Analysisoftheincidentdatarevealsaclearhierarchyofthreatactoractivityin2025.While
dozensofgroupswereactive,ahandfulwereresponsibleforthemajorityofincidents.
Fig7:TopRansomwareActors2025
Qilin–DistributedtargetingwithfocusonConstructionandManufacturingsectors.Akira–Prolificandindiscriminate,targetingavastrangeofindustries.
CL0P–Specializedinhigh-volume,short-burstattacksviazero-dayexploits.
Play–BroadtargetingwithafocusonConstructionandProfessionalServices.
INCRansom–ConsistentactivitytargetingcriticalsectorslikeHealthcareandGovernment.
©2025CybleInc.Allrightsreserved.
14
GLOBALCYBERSECURITYREPORT
Akira:TheEmergingLeader
TheAkiraransomwaregroupemergedasthesecond-mostprolificthreatactorof2025,behind
Qilin.OurdatashowsAkiraconductedasustained,high-tempocampaignthroughouttheyear,
distinguishingitselfthroughitssheervolumeofattacks.
Fig8:SectorsTargetedbyAkirain2025
Thegroupdemonstratedversatilityinitstargeting,successfullycompromisingorganizations
acrossnearlyeverymajorindustryvertical.However,asignificantconcentrationofitsvictims
wasobservedintheConstruction,Manufacturing,andProfessionalServicessectors.Thisfocus
suggestsanopportunisticmodelaimedatorganizationsthatareperceivedtohaveweaker
securityposturesbutarecriticalcogsinlargersupplychains.
©2025CybleInc.Allrightsreserved.
15
GLOBALCYBERSECURITYREPORT
CL0P:TheZero-DaySpecialist
TheCL0Psyndicatereaffirmeditsstatusasahighlysophisticatedthreatactorspecializingin
massexploitation.AmassivespikeinCL0P’sactivitywasobservedinlateFebruary2025,with
hundredsofvictimspostedinasinglewave.ThispatternisconsistentwithCL0P’sestablished
TTPofidentifyingandexploitingzero-dayvulnerabilitiesinwidelyusedenterprisesoftware,
particularlyfiletransfersolutions.
ThevictimsofthiscampaignwerepredominantlyintheConsumerGoods,Transportation&
Logistics,andIT&ITESindustries,reflectingthebroaduserbaseofthelikelyexploitedsoftware.
Fig9:SectorsTargetedbyCl0pin2025
©2025CybleInc.Allrightsreserved.
16
GLOBALCYBERSECURITYREPORT
INCRansomandOtherPersistentThreats
GroupssuchasINCRansommaintainedasteadyoperationaltempo,distinguishingthemselves
bytargetinghigh-pressuresectors.AsignificantportionoftheirvictimswereinHealthcare,
Education,andGovernment,wherethecriticalityofservicesandthesensitivityofdataprovide
attackerswithenhancedleverage.
Fig10:SectorsTargetedbyINCRansomin2025
Similarly,groupslikeDragonforceandFOGcontributedtotheoverallthreatvolume,often
targetingsmalltomedium-sizedbusinesses(SMBs)thatlacktheresourcesforrobust
cybersecuritydefenses.
©2025CybleInc.Allrightsreserved.
17
GLOBALCYBERSECURITYREPORT
IndustryVerticalAnalysis
Thedistributionofattacksacrossindustriesrevealsaclearstrategicfocusbyransomware
groupsonsectorswhereoperationaldisruptionleadstoimmediateandseverefinancial
consequences.
Top5TargetedIndustriesin2025
1.Manufacturing:Asthemost-targetedsector,manufacturingremainsaprimetargetdueto
itsrelianceonOT/ICSenvironments,complexsupplychains,andlowtolerancefordowntime.
Anattackcanhaltproductionlines,leadingtosignificantrevenuelossandcontractual
penalties.
2.Construction:ThissectorwasheavilytargetedbyAkira.Constructionfirmsareattractive
duetotime-sensitiveprojectsandacomplexnetworkofcontractorsandsuppliers,which
canbedisruptedtocreatemaximumpressure.
3.ProfessionalServices:Lawfirms,consultingagencies,andaccountingfirmsaretreasure
trovesofsensitiveclientdata.Abreachinthissectornotonlyprovidesextortionleverage
againstthefirmitselfbutalsoopensavenuesforsupplychainattacksagainstitsclients.
4.Healthcare:Despitebeingaprotectedsector,healthcarecontinuestobeafrequentvictim.
ThecriticalneedfordataavailabilityforpatientcareandthehighvalueofProtectedHealth
Information(PHI)makehealthcareorganizationsalucrativetarget.GroupssuchasBianLian,
Abyss,andINCRansomwerefrequentlyobservedtargetingthisvertical.
5.IT&ITES:Technologycompaniesaretargetedfortheirintellectualpropertyandtheirrole
asserviceproviders.CompromisinganITorManagedServiceProvider(MSP)cancreatea
cascadingeffect,enablingthreatactorstolaunchsupplychainattacksagainstnumerous
downstreamcustomers.
OutlookandPredictions
BasedontheactivityobservedthroughNovember2025,CRILanticipatesthefollowingtrendsfortheremainderoftheyearandinto2026:
•ContinuedDominanceofAkiraandQilin:Barringamajorlawenforcementintervention,Akira
isexpectedtomaintainitspositionasaleadingransomwarethreatduetoitseffectiveand
scalableoperationalmodel.
•TheNextBigExploit:ThesuccessofCL0P’scampaignwillcontinuetoincentivizeelitegroupsto
investheavilyinzero-dayvulnerabilityresearch.Thenextmass-exploitationeventtargeting
aubiquitousenterprisesoftwareisamatterof“when,”not“if.”
•IncreasedRaaSDiversification:ThepowervacuumleftbyLockBitwillencouragethegrowth
ofsmaller,moreagileRaaSoperations,leadingtoamorefragmentedbutequallydangerous
ecosystem.
•DeepeningSupplyChainFocus:ThreatactorswillincreasinglytargetsectorslikeProfessional
ServicesandITnotjustfordirectextortionbutasagatewaytocompromisetheirlarger,
morelucrativeclients.
©2025CybleInc.Allrightsreserved.
18
GLOBALCYBERSECURITYREPORT
CriticalVulnerabilitiesobserved
asZerodaysandKEV
KnownExploitedVulnerabilities
The2025threatlandscapehasbeendominatedbycriticalandhigh-severityvulnerabilities,with
asignificantmajority—over86%ofthe226analyzedCVEs—rated7.0orhigherontheCVSSv3
scale.Thesevulnerabilities,listedinCISA’sKnownExploitedVulnerabilities(KEV)catalog,are
bothindustry-andregion-agnosticanddemandurgentattentionduetoconfirmedactive
exploitation.
ProminentvendorssuchasMicrosoft,Fortinet,andApplehavebeenfrequentlyimpacted,with
flawsspanningawidearrayofproductsincludingnetworksecurityapplianceslikeFortinet’s
FortiGateandCisco’sIdentityServicesEngine,enterpriseplatformsfromOracleandSAP,and
ubiquitoussoftwarelikeMicrosoftOffice.
TheconsistentappearanceofthesewidelydeployedtechnologiesintheKEVcatalogunderscores
thehighlevelofthreatactorinterestincompromisingthemforbroadimpact.Theinclusionof
severalvulnerabilitiesinCisco’sIdentityServicesEngine,somewithaperfect10.0CVSSscore,
highlightsthesevereriskofunauthenticatedremotecodeexecution.
Similarly,multipleflawsinFortinet’sFortiWebandOracle’sIdentityManagerhavebeenactively
exploited,emphasizingthepersistenttargetingofsecurityandidentitymanagementsolutions.
Giventheprovenexploitationofthesevulnerabilitiesinthewild,organizationsarestronglyadvised
toprioritizeimmediatepatching,implementnetworksegmentationtolimitlateralmovement,
andenhancemonitoringcapabilitiestodetectandrespondtopotentialcompromises.
CVEID
Product
Vendor
CVSS(V3)
CVE-2020-2883
WeblogicServer
Oracle
9.8
CVE-2024-41713
Micollab
Mitel
9.1
CVE-2025-0282
IvantiConnectSecure
IvantiConnectSecure
9
CVE-2023-48365
QlikSense
Qlik
9.9
CVE-2024-55591
Fortios
Fortinet
9.8
CVE-2024-50603
Controller
Aviatrix
9.8
CVE-2025-23006
Sma1000
Sonicwall
9.8
CVE-2025-24085
Visionos
Apple
10
CVE-2018-19410
PrtgNetworkMonitor
Paessler
9.8
©2025CybleInc.Allrightsreserved.
19
GLOBALCYBERSECURITYREPORT
CVE-2020-29574
Cyberoamos
Sophos
9.8
CVE-2024-21413
Office
Microsoft
9.8
CVE-2020-15069
XgFirewallFirmware
Sophos
9.8
CVE-2024-53704
Sonicos
Sonicwall
9.8
CVE-2025-0108
CloudNgfw
Paloaltonetworks
9.1
CVE-2025-24989
PowerPages
Microsoft
9.8
CVE-2017-3066
Coldfusion
Adobe
9.8
CVE-2023-34192
Collaboration
Zimbra
9
CVE-2024-49035
PartnerCenter
Microsoft
9.8
CVE-2022-43939
VantaraPentahoBusinessAnalyticsServer
Hitachi
9.8
CVE-2024-4885
WhatsupGold
Progress
9.8
CVE-2025-24201
Visionos
Apple
10
CVE-2025-1316
Ic7100IpCamera
Edimax
9.8
CVE-2019-9874
Cms
Sitecore
9.8
CVE-2024-20439
SmartLicenseUtility
Cisco
9.8
CVE-2025-24813
Tomcat
Apache
9.8
CVE-2025-22457
ConnectSecure
Ivanti
9.8
CVE-2025-31161
Crushftp
Crushftp
9.8
CVE-2025-30406
Centrestack
Gladinet
9.8
CVE-2025-31200
Ipados
Apple
9.8
CVE-2025-31201
Macos
Apple
9.8
CVE-2025-42599
ActiveMail
Qualitia
9.8
CVE-2025-31324
Netweaver
Sap
9.8
CVE-2024-38475
HttpServer
Apache
9.1
CVE-2024-58136
Yii2
Yii2
9.8
CVE-2025-34028
CommandCenterInnovation
Commvault
10
CVE-2025-3248
Langflow
LangflowAi
9.8
CVE-2024-6047
GvVs14Vs14
Geovision
9.8
CVE-2024-11120
GvDspLpr
Geovision
9.8
CVE-2025-32756
Forticamera
Fortinet
9.8
CVE-2024-12987
Vigor300B
Draytek
9.8
CVE-2025-42999
Netweaver
Sap
9.1
©2025CybleInc.Allrightsreserved.
20
GLOBALCYBERSECURITYREPORT
CVE-2025-4632
Magicinfo9Server
SamsungElectronics
9.8
CVE-2021-32030
GtAc2900Firmware
Asus
9.8
CVE-2024-56145
Cms
Craft
9.8
CVE-2025-32433
Otp
Erlang
10
CVE-2024-42009
Webmail
Roundcube
9.3
CVE-2025-24016
Wazuh
Wazuh
9.9
CVE-2024-0769
Dir859
DLink
9.8
CVE-2024-54085
MegaracSpx
Ami
9.8
CVE-2025-6543
NetscalerApplicationDeliveryController
Citrix
9.8
CVE-2014-3931
MultiRouterLookingGlass
MultiRouterLookingGlassProject
9.8
CVE-2016-10033
Phpmailer
PhpmailerProject
9.8
CVE-2025-47812
WingFtpServer
Wftpserver
10
CVE-2025-25257
Fortiweb
Fortinet
9.8
CVE-2025-53770
SharepointEnterpriseServer
Microsoft
9.8
CVE-2025-2776
OnPrem
Sysaid
9.8
CVE-2025-54309
Crushftp
Crushftp
9.8
CVE-2025-20281
IdentityServicesEngine
Cisco
10
CVE-2025-20337
IdentityServicesEngine
Cisco
10
CVE-2025-54948
ApexOne
Trendmicro
9.8
CVE-2025-43300
Macos
Apple
10
CVE-2025-7775
NetscalerApplicationDeliveryController
Citrix
9.8
CVE-2025-57819
Freepbx
Freepbx
9.8
CVE-2025-53690
ExperienceManager
Sitecore
9
CVE-2025-5086
DelmiaApriso
DassaultSystMes
9
CVE-2025-10585
Chrome
G
温馨提示
- 1. 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。图纸软件为CAD,CAXA,PROE,UG,SolidWorks等.压缩文件请下载最新的WinRAR软件解压。
- 2. 本站的文档不包含任何第三方提供的附件图纸等,如果需要附件,请联系上传者。文件的所有权益归上传用户所有。
- 3. 本站RAR压缩包中若带图纸,网页内容里面会有图纸预览,若没有图纸预览就没有图纸。
- 4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
- 5. 人人文库网仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对用户上传分享的文档内容本身不做任何修改或编辑,并不能对任何下载内容负责。
- 6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
- 7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。
最新文档
- 卫生间清洁检查流程手册
- 柑橘溃疡病综合防治手册
- 居家养老服药管理监督操作规范
- 小龙虾池塘高效混养技术管理规范
- 柑橘红蜘蛛螨虫用药指引
- 客户预约排班管理制度规范手册
- 字体与版式设计项目式教程(AI协同)课件
- 妇幼保健院住院楼建设设计方案
- 风电场状态检修方案
- 心理健康量表评估指南
- 建设工程广联达算量标准化要求(内部标准)
- DZ/T 0275.1-2015岩矿鉴定技术规范第1部分:总则及一般规定
- 【青岛海尔公司基于杜邦分析的盈利能力浅析(14000字论文)】
- 矿业公司销售部门管理制度
- 国内信用证买卖合同范本
- 2024年全国新高考1卷(新课标Ⅰ)数学试卷(含答案详解)
- 历年甘肃省三支一扶考试真题题库(含答案详解)
- 六年级语文下册期中复习 课件
- 病理性骨折的护理
- 护士在疼痛管理和控制中的角色和责任
- 防汛知识培训内容
评论
0/150
提交评论