SENTINEL INTELLIGENCE PROTOCOL  ·  TLP:WHITE  ·  AUTHORIZED DISTRIBUTION ONLY

BREAKING
CRITICAL · CVE-2025-7731 actively exploited in Fortinet FortiGate — CISA Emergency Directive 25-04 issued — patch immediatelyAPT28 attributed to coordinated attacks on European energy grid infrastructure — NATO cyber alliance emergency session convenedNew Windows CLFS kernel zero-day exploited in targeted campaigns against defense contractors — patch in KB5040528FBI: $4.73B lost to cybercrime in FY2024 — ransomware primary vector for critical infrastructure attacks for third consecutive yearJoint FBI-Europol operation dismantles 403,000-node HYDRUS botnet across 47 countries — three arrests confirmedCloudflare reports 412% surge in DDoS amplification attacks targeting financial services sector Q1 2025Salt Typhoon remains active in U.S. telecommunications networks — Senate Intelligence Committee briefed on scopeCRITICAL · CVE-2025-7731 actively exploited in Fortinet FortiGate — CISA Emergency Directive 25-04 issued — patch immediatelyAPT28 attributed to coordinated attacks on European energy grid infrastructure — NATO cyber alliance emergency session convenedNew Windows CLFS kernel zero-day exploited in targeted campaigns against defense contractors — patch in KB5040528FBI: $4.73B lost to cybercrime in FY2024 — ransomware primary vector for critical infrastructure attacks for third consecutive yearJoint FBI-Europol operation dismantles 403,000-node HYDRUS botnet across 47 countries — three arrests confirmedCloudflare reports 412% surge in DDoS amplification attacks targeting financial services sector Q1 2025Salt Typhoon remains active in U.S. telecommunications networks — Senate Intelligence Committee briefed on scope
HOME/VULNERABILITIES

INTELLIGENCE CATEGORY

Vulnerabilities

2 BRIEFS INDEXED

VULNERABILITIESCRITICAL

CISA Issues Emergency Directive Following Confirmed FortiGate Zero-Day Exploitation

Emergency Directive 25-04 mandates federal agencies apply critical patches to Fortinet FortiGate SSL-VPN appliances within 48 hours after confirmation of active exploitation by a nation-state adversary.

Devon Marchetti·2025-06-11
CRITICAL INFRASTRUCTURECRITICAL

Zero-Day in Siemens SCADA Software Actively Exploited Across 340 North American Grid Operators

A previously undisclosed vulnerability in Siemens WinCC OA SCADA software has been confirmed under active exploitation by a threat actor assessed with high confidence as a nation-state affiliate targeting energy grid control infrastructure.

Marcus Reinholt·2025-06-10