VEDAS Scores for CVEs (https://github.com/ARPSyndicate/cve-scores) is a more reliable, capable, and intelligence-driven alternative to EPSS.
LinkedIn Post: https://www.linkedin.com/posts/glatisant_vulnerability-vulnintel-vulnrichment-activity-7331612428687884288-BIDG
LinkedIn Post: https://www.linkedin.com/posts/glatisant_vulnerability-vulnintel-vulnrichment-activity-7331612428687884288-BIDG
Sean Heelan discovered a critical zero-day vulnerability, CVE-2025-37899 in the Linux kernel's ksmbd module using OpenAI's o3 language model. This marks one of the first instances where a large language model has independently identified a complex kernel-level security flaw.
https://sean.heelan.io/2025/05/22/how-i-used-o3-to-find-cve-2025-37899-a-remote-zeroday-vulnerability-in-the-linux-kernels-smb-implementation/
https://sean.heelan.io/2025/05/22/how-i-used-o3-to-find-cve-2025-37899-a-remote-zeroday-vulnerability-in-the-linux-kernels-smb-implementation/
Sean Heelan's Blog
How I used o3 to find CVE-2025-37899, a remote zeroday vulnerability in the Linux kernel’s SMB implementation
In this post I’ll show you how I found a zeroday vulnerability in the Linux kernel using OpenAI’s o3 model. I found the vulnerability with nothing more complicated than the o3 API ̵…
Trending CVEs on 28/5/25:
CVE-2024-13946 / ABB Cylon / Binary Planting
CVE-2025-2636 / Wordpress / Local File Inclusion
CVE-2025-24118 / MacOS / Race Condition
CVE-2025-32756 / Fortinet / Stack Overflow
Learn More:
https://vedas.arpsyndicate.io
CVE-2024-13946 / ABB Cylon / Binary Planting
CVE-2025-2636 / Wordpress / Local File Inclusion
CVE-2025-24118 / MacOS / Race Condition
CVE-2025-32756 / Fortinet / Stack Overflow
Learn More:
https://vedas.arpsyndicate.io
In late October 2024, GTIG identified a compromised government website being used to distribute malware targeting multiple other government organizations. This site delivered a malware strain named TOUGHPROGRESS which utilized Google Calendar as a command and control (C2) mechanism.
https://cloud.google.com/blog/topics/threat-intelligence/apt41-innovative-tactics
https://cloud.google.com/blog/topics/threat-intelligence/apt41-innovative-tactics
Google Cloud Blog
Mark Your Calendar: APT41 Innovative Tactics | Google Cloud Blog
❤1
Trending CVEs on 29/5/25:
CVE-2021-43883 / Microsoft Windows / Privilege Escalation
CVE-2023-38879 / openSIS / Path Traversal
CVE-2024-51211 / openSIS / SQL Injection
CVE-2025-46176 / D-Link / Hardcoded Credentials
Learn More:
https://vedas.arpsyndicate.io
CVE-2021-43883 / Microsoft Windows / Privilege Escalation
CVE-2023-38879 / openSIS / Path Traversal
CVE-2024-51211 / openSIS / SQL Injection
CVE-2025-46176 / D-Link / Hardcoded Credentials
Learn More:
https://vedas.arpsyndicate.io
Using KEV or EPSS? Time to try VEDAS.
This webinar exposes the limitations of CISA KEV and FIRST EPSS, and introduces you to a leading prioritization standard: real-time, firsthand exploit intelligence from VEDAS.
Designed to see what the others miss, VEDAS gives security teams early warning on exploitable vulnerabilities that haven't hit the KEV or EPSS radar yet.
You'll Learn:
1. Why KEV and EPSS are failing your prioritization strategy
2. What makes VEDAS different: early warning, greater coverage, and expertise
3. How to integrate VEDAS via Exploit Observer API within your SOC or VM workflow
Who Should Attend:
CISOs, Threat Intel Analysts, Vulnerability Managers, SOC Leads, and anyone tired of relying on stale vulnerability intel.
Duration: 40 minutes + Q&A
Date & Time: To be communicated via Email
Register: https://webinar.arpsyndicate.io
This webinar exposes the limitations of CISA KEV and FIRST EPSS, and introduces you to a leading prioritization standard: real-time, firsthand exploit intelligence from VEDAS.
Designed to see what the others miss, VEDAS gives security teams early warning on exploitable vulnerabilities that haven't hit the KEV or EPSS radar yet.
You'll Learn:
1. Why KEV and EPSS are failing your prioritization strategy
2. What makes VEDAS different: early warning, greater coverage, and expertise
3. How to integrate VEDAS via Exploit Observer API within your SOC or VM workflow
Who Should Attend:
CISOs, Threat Intel Analysts, Vulnerability Managers, SOC Leads, and anyone tired of relying on stale vulnerability intel.
Duration: 40 minutes + Q&A
Date & Time: To be communicated via Email
Register: https://webinar.arpsyndicate.io
Why VEDAS Beats KEV & EPSS?
Well, VEDAS is powered by the world’s largest vulnerability and exploit database.
KEV is reactive. EPSS is probabilistic.
VEDAS is proactive, intelligent, autonomous and built for real-world defense.
Join us to see how VEDAS changes the vulnerability management game.
https://webinar.arpsyndicate.io
#CyberSecurity #ThreatIntel #VulnIntel #VulnerabilityManagement #DFIR #InfoSec #Tech #Technology
Well, VEDAS is powered by the world’s largest vulnerability and exploit database.
KEV is reactive. EPSS is probabilistic.
VEDAS is proactive, intelligent, autonomous and built for real-world defense.
Join us to see how VEDAS changes the vulnerability management game.
https://webinar.arpsyndicate.io
#CyberSecurity #ThreatIntel #VulnIntel #VulnerabilityManagement #DFIR #InfoSec #Tech #Technology
❤1
EPSS IS A LAGGING INDICATOR.
That’s where VEDAS steps ahead.
VEDAS is designed to proactively identify exploitable vulnerabilities before they hit mainstream threat intelligence feeds like KEV or EPSS.
https://github.com/ARPSyndicate/cve-scores
By leveraging the world’s largest vulnerability and exploit database, VEDAS provides early warning and a broader, more forward-looking perspective.
Register now for our exclusive webinar to discover more:
https://webinar.arpsyndicate.io
That’s where VEDAS steps ahead.
VEDAS is designed to proactively identify exploitable vulnerabilities before they hit mainstream threat intelligence feeds like KEV or EPSS.
https://github.com/ARPSyndicate/cve-scores
By leveraging the world’s largest vulnerability and exploit database, VEDAS provides early warning and a broader, more forward-looking perspective.
Register now for our exclusive webinar to discover more:
https://webinar.arpsyndicate.io
CFP Directory: Connect speakers with events and help organizers find the perfect speakers. A dual-purpose platform for the entire tech community - https://cfp.directory
Whether you're a speaker looking for your next opportunity or an organizer seeking the perfect lineup, CFP Directory has everything you need to succeed - https://cfp.directory/features
Upcoming Events:
Out Of The Box | Bangkok - https://cfp.directory/events/out-of-the-box-bangkok-2025
Whether you're a speaker looking for your next opportunity or an organizer seeking the perfect lineup, CFP Directory has everything you need to succeed - https://cfp.directory/features
Upcoming Events:
Out Of The Box | Bangkok - https://cfp.directory/events/out-of-the-box-bangkok-2025