In 2024, the landscape of ransomware attacks will continue to evolve, drawing from past trends while adapting to new defences and technologies.
Learn about seven of the most popular cyber security frameworks being used by businesses around the world.
Under Attack?
A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. The flaw stems from the way WinRAR processes alternate data streams (ADSes) within specially crafted archive files.
SonicWall has warned customers to disable SSL VPN services due to ransomware gangs actively exploiting an unknown security vulnerability in SonicWall Generation 7 firewalls to breach networks over the past few weeks.
Over the weekend, Integrity360 has been asked by multiple customers about a recent critical vulnerability (CVE-2025-53770) targeting on-premise instances of Microsoft Sharepoint using a deserialisation flaw. This zero-day has been reportedly widely exploited since mid-July, posing serious risk to any unpatched on-premise Sharepoint environment (Subscription, Server 2016 and Server 2019). Integrity360 wants to reassure customers that the vulnerability does not affect any cloud instances of SharePoint Online of which the majority of organisations are using. On-premise Sharepoint is likely to be converted to (or in the process of) Microsoft 365 across lots of organisations due to the extended end date of Microsoft support running out in the near future.
Cisco has addressed a critical vulnerability, tracked as CVE-2025-20337 ( with a CVSS score of 10), in Identity Services Engine (ISE) and Cisco Identity Services Engine Passive Identity Connector (ISE-PIC). An unauthenticated attacker could trigger the vulnerability to execute arbitrary code on the underlying operating system with root privileges.
On July 8, 2025, Microsoft released its monthly Patch Tuesday update, addressing 130+ vulnerabilities across its product portfolio. This cycle includes 10 critical-rated bugs, with one publicly disclosed zero-day vulnerability affecting Microsoft SQL Server.
Researchers at Watchtowr have released technical details on an exploit for the “CitrixBleed 2” (CVE-2025-5777) vulnerability released on 2025-06-17, leading to the development of a Proof of Concept (PoC) exploit.
Date Issued: 23 June 2025
Severity: Critical (CVSS v4 Score: 9.3)
Affected Product: Citrix NetScaler ADC / Gateway
Vulnerability ID: CVE-2025-5777
Exploitation Status: No confirmed active exploitation (as of advisory release)
CVE-2025-33073 is a critical vulnerability identified in Microsoft Windows Server Message Block (SMB) protocol implementations. This flaw stems from improper access control mechanisms, potentially allowing attackers to escalate privileges over a network to SYSTEM. The vulnerability has been assigned a CVSS v3.1 base score of 8.8, indicating a high-severity risk. An update to address this issue was in Microsoft June Patch Tuesday.
advisory ID: ADV-2025-ALL-05
date issued: 14 May 2025
severity: Critical (CVE-2025-29966), High (CVE-2025-30397)
CVSs scores:
Both high severity vulnerabilities reside in Google Chrome and are exploitable via a specially crafted HTML page. CVE-2025-5063 is a “Use after free” vulnerability that resides in the compositing subsystem of the browser whereby improper memory management when the browser renders layered page elements leads to a potential hijack of control flows during DOM manipulations. CVE-2025-5280 is an “out of bounds” exploit in the JavaScript V8 engine that could potentially allow arbitrary code to execute outside of the JavaScript sandbox, meaning it’s run natively on the target system.
