Week 10 of 2025

In this week's Threat Intelligence Briefing

• Advisory: Cisco warns of Webex for BroadWorks flaw exposing credentials
• CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226: Broadcom fixes three VMware zero-days exploited in attacks
• CVE-2025-0288, CVE-2025-0287, CVE-2025-0286, CVE-2025-0285, CVE-2025-0289: Ransomware gangs exploit Paragon Partition Manager bug in BYOVD attacks
• CVE-2024-50302: Google fixes Android zero-day exploited by Serbian authorities
• Advisory: CISA tags Windows, Cisco vulnerabilities as actively exploited
• Advisory: Fake BianLian Ransom Notes Mailed to US CEOs in Postal Mail Scam

Brought to you by Joey Vandegrift and Brad Causey, CISSP at SecurIT360

Typosquatting - - How and Why It Works And How To Defend Against It