criticalVulnerabilities & Exploits
Critical CVSS 10.0 Quest KACE Exploit, IRS Phishing Campaign, and Supply Chain Attacks Dominate Threat Landscape
Arctic Wolf reports active exploitation of CVE-2025-32975 (CVSS 10.0) in Quest KACE systems, while Microsoft warns of tax season phishing campaigns affecting 29,000 users and deploying RMM malware. A supply chain attack on Trivy has spread infostealer malware through compromised Docker images.
The Hacker News, Qualys, SANS ISC, MSRC Security Updates
quest-kacesupply-chain-attackphishing