
Threat Intelligence Report

3 Vulnerabilities
Tuesday, May 6, 2025 Report ID: 147

Executive Summary

The most severe security findings today have been identified in a range of software and hardware, including IBM Cognos Analytics, Digigram PYKO-OUT AoIP devices, Honeywell MB-Secure alarm panels, WSO2 API Manager, Windows Deployment Services, and OttoKit WordPress plugin. The urgency of these vulnerabilities varies, but they all require immediate attention due to their impact and the potential for exploitation.

IBM Cognos Analytics has critical vulnerabilities that demand urgent patching. Digigram PYKO-OUT AoIP devices are exposed to attack due to a missing default password, which may grant unauthorized access to malicious actors. Honeywell's MB-Secure alarm panels are affected by a critical vulnerability, CVE-2025-2605, which scores 9.9 on the CVSS scale. Another critical vulnerability, an XXE flaw in WSO2 API Manager (CVE-2025-2905, CVSS 9.1), has also been disclosed.

An unauthenticated denial-of-service (DoS) vulnerability that can crash Windows Deployment Services has also been discovered; no patch is currently available. The OttoKit WordPress plugin has a critical flaw, CVE-2025-27007, that is already being exploited following disclosure, putting over 100,000 sites at risk. This underlines the importance of patching promptly after a vulnerability is disclosed.

Separately, Microsoft has announced that it will shut down Skype and delete user data in 2026, which has implications for user privacy and data retention. Google has also released Android updates patching the recently exploited FreeType vulnerability, reinforcing the need for regular software updates to maintain security.

High Priority Threats

Critical Vulnerabilities

CVE-2025-2905

An XML External Entity (XXE) vulnerability exists in the gateway component of WSO2 API Manager due to insufficient validation of …

CVSS: 9.1
CVE-2025-27007

Incorrect Privilege Assignment vulnerability in Brainstorm Force SureTriggers allows Privilege Escalation. This issue affects SureTriggers: from n/a through 1.0.82.

CVSS: 9.8
CVE-2025-2605

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Honeywell MB-Secure allows Privilege Abuse. …

CVSS: 9.9

High Impact Threats

Detailed Analysis

The critical security findings as of May 06, 2025 cover numerous vulnerabilities, active threats, and significant security events that call for immediate action by the affected parties.

One of the most critical vulnerabilities identified today affects IBM Cognos Analytics. It demands urgent patching, as it poses a severe risk to the software's security integrity; left unaddressed, it could expose sensitive data and compromise the wider network, disrupting business operations and damaging reputations.

Digigram PYKO-OUT AoIP devices have been found to be at risk because of the absence of a default password. This lapse in basic security hygiene leaves the devices exposed to unauthorized access and potential exploitation, so users should set strong passwords on these devices to protect them from misuse.

Critical vulnerabilities have also been found in Honeywell MB-Secure alarm panels (CVE-2025-2605) and WSO2 API Manager (CVE-2025-2905), with CVSS scores of 9.9 and 9.1 respectively. These issues could allow unauthorized users to bypass the security measures in place and gain access to the systems' operations, potentially causing significant harm.

A high-severity unauthenticated DoS vulnerability that can crash Windows Deployment Services was also identified. No patch is currently available, so the issue poses an imminent threat of significant downtime and disruption to business operations.

In addition, a critical flaw in the OttoKit WordPress plugin (CVE-2025-27007) is currently being exploited, with over 100,000 sites at risk following the vulnerability's disclosure. This is particularly alarming because exploitation could lead to unauthorized data access, disruption of service, or full system takeover by malicious parties.

On a broader scale, Microsoft has announced that it will shut down Skype and delete user data in 2026, and Google has issued Android updates to address the actively exploited FreeType vulnerability. These events highlight the ongoing challenges of maintaining secure communication channels and the importance of companies taking proactive measures to safeguard user data.

In conclusion, today's security landscape is characterized by a multitude of critical and high-severity vulnerabilities. It is imperative to patch promptly, employ robust security measures, and keep abreast of the latest security developments to mitigate potential threats and maintain a secure operating environment.

Related Vulnerabilities

CRITICAL CVSS: 9.1 (CVE-2025-2905)

Description:

An XML External Entity (XXE) vulnerability exists in the gateway component of WSO2 API Manager due to insufficient validation of XML input in crafted URL paths. User-supplied XML is parsed without appropriate restrictions, enabling external entity resolution. This vulnerability can be exploited by an unauthenticated remote attacker to read files from the server's filesystem or perform denial-of-service (DoS) attacks.
  • On systems running JDK 7 or early JDK 8, full file contents may be exposed.
  • On later versions of JDK 8 and newer, only the first line of a file may be read, due to improvements in XML parser behavior.
  • DoS attacks such as "Billion Laughs" payloads can cause service disruption.
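
A defensive counterpart to the weakness described above, as an added example that is not WSO2's code: a Python parser for untrusted XML that refuses any DOCTYPE (the equivalent of enabling the Xerces feature disallow-doctype-decl on a Java parser), which blocks both external-entity resolution and entity-expansion DoS at once. The sample documents are constructed for the demonstration.

```python
# Added example (not WSO2's code): parse untrusted XML while refusing any
# DTD. External entities and "Billion Laughs" expansion both need a DOCTYPE,
# so rejecting it before the internal subset is read closes both paths.
from xml.parsers import expat


class UnsafeXML(ValueError):
    """Raised when untrusted XML tries to declare a DTD."""


def parse_untrusted_xml(data: bytes) -> dict:
    """Return {leaf element: text}; raise UnsafeXML on any DOCTYPE."""
    result: dict = {}
    chunks: list = []

    def start_doctype(name, sysid, pubid, has_internal_subset):
        # Fires at "<!DOCTYPE", before any <!ENTITY ...> is processed.
        raise UnsafeXML(f"DOCTYPE {name!r} not permitted in untrusted input")

    def start_element(name, attrs):
        chunks.clear()

    def end_element(name):
        text = "".join(chunks).strip()
        if text:  # only leaf elements carry non-whitespace character data
            result[name] = text
        chunks.clear()

    parser = expat.ParserCreate()
    parser.StartDoctypeDeclHandler = start_doctype
    parser.StartElementHandler = start_element
    parser.EndElementHandler = end_element
    parser.CharacterDataHandler = chunks.append
    parser.Parse(data, True)  # malformed XML raises expat.ExpatError
    return result


def rejects_dtd(data: bytes) -> bool:
    """True if the parser refused the document because it declares a DTD."""
    try:
        parse_untrusted_xml(data)
    except UnsafeXML:
        return True
    return False


# Constructed samples (not real traffic): benign request, external entity, expansion.
BENIGN = b"<request><user>alice</user><op>list</op></request>"
EXTERNAL_ENTITY = b'<!DOCTYPE r [<!ENTITY ext SYSTEM "file:///PLACEHOLDER">]><r>&ext;</r>'
EXPANSION = b'<!DOCTYPE r [<!ENTITY a "x"><!ENTITY b "&a;&a;">]><r>&b;</r>'
```

Because the rejection happens at the DOCTYPE declaration itself, the JDK-version differences noted above (full file versus first line) never come into play: no entity is ever defined, let alone resolved.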

Affected Products
  • WSO2 WSO2 API Manager

CRITICAL CVSS: 9.8 (CVE-2025-27007)

Description:

Incorrect Privilege Assignment vulnerability in Brainstorm Force SureTriggers allows Privilege Escalation. This issue affects SureTriggers: from n/a through 1.0.82.

Affected Products
  • Brainstorm Force SureTriggers

CRITICAL CVSS: 9.9 (CVE-2025-2605)

Description:

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Honeywell MB-Secure allows Privilege Abuse. This issue affects MB-Secure: from V11.04 before V12.53 and MB-Secure PRO from V01.06 before V03.09. Honeywell also recommends updating to the most recent version of this product.

Affected Products
  • Honeywell MB-Secure

Generated: May 6, 2025 06:00