ARPSyndicate - Cyber & Open Source Intelligence
A Global Cyber Intelligence Company with hyperspecialization in Information Discovery, Shadow IT & Vulnerability Intelligence.

A.R.P. Syndicate [https://arpsyndicate.io/pricing.html]
Trending CVEs on 29/5/25:
CVE-2021-43883 / Microsoft Windows / Privilege Escalation
CVE-2023-38879 / openSIS / Path Traversal
CVE-2024-51211 / openSIS / SQL Injection
CVE-2025-46176 / D-Link / Hardcoded Credentials

Learn More:
https://vedas.arpsyndicate.io
Using KEV or EPSS? Time to try VEDAS.

This webinar exposes the limitations of CISA KEV and FIRST EPSS, and introduces you to a leading prioritization standard: real-time, firsthand exploit intelligence from VEDAS.

Designed to see what the others miss, VEDAS gives security teams early warning on exploitable vulnerabilities that haven't hit the KEV or EPSS radar yet.

You'll Learn:
1. Why KEV and EPSS are failing your prioritization strategy
2. What makes VEDAS different: early warning, greater coverage, and expertise
3. How to integrate VEDAS via Exploit Observer API within your SOC or VM workflow

Who Should Attend:
CISOs, Threat Intel Analysts, Vulnerability Managers, SOC Leads, and anyone tired of relying on stale vulnerability intel.

Duration: 40 minutes + Q&A
Date & Time: To be communicated via Email

Register: https://webinar.arpsyndicate.io
Why VEDAS Beats KEV & EPSS?

Well, VEDAS is powered by the world’s largest vulnerability and exploit database.

KEV is reactive. EPSS is probabilistic.
VEDAS is proactive, intelligent, autonomous and built for real-world defense.

Join us to see how VEDAS changes the vulnerability management game.
https://webinar.arpsyndicate.io

#CyberSecurity #ThreatIntel #VulnIntel #VulnerabilityManagement #DFIR #InfoSec #Tech #Technology
EPSS IS A LAGGING INDICATOR.

That’s where VEDAS steps ahead.

VEDAS is designed to proactively identify exploitable vulnerabilities before they hit mainstream threat intelligence feeds like KEV or EPSS.
https://github.com/ARPSyndicate/cve-scores

By leveraging the world’s largest vulnerability and exploit database, VEDAS provides early warning and a broader, more forward-looking perspective.

Register now for our exclusive webinar to discover more:
https://webinar.arpsyndicate.io
CFP Directory: Connect speakers with events and help organizers find the perfect speakers. A dual-purpose platform for the entire tech community - https://cfp.directory

Whether you're a speaker looking for your next opportunity or an organizer seeking the perfect lineup, CFP Directory has everything you need to succeed - https://cfp.directory/features


Upcoming Events:
Out Of The Box | Bangkok - https://cfp.directory/events/out-of-the-box-bangkok-2025
If you can read this, you're in the top 1% of the world.
Another bleeding-edge version of VEDAS is out now 🎉🥳

Many network-exploitable vulnerabilities, such as CVE-2025-47188, remain delayed, poorly documented and without meaningful enrichment. Despite being actively exploited since May 2025, this vulnerability is still not enriched by NVD, EPSS or proprietary vulnerability databases.

VEDAS can be used to mine exploit intelligence linked to vulnerability identifiers such as CVE, EUVD, CNNVD, and BDU. It can also help in developing custom Nuclei templates and extending its coverage, supporting the growing community of security teams, researchers, and ASM providers.

Read More: https://www.osintteam.com/mining-exploit-intelligence-to-develop-custom-nuclei-templates-for-cve-euvd-cnnvd-bdu/
On 9th August 2018, the concept of Exploit/Exploitation Prediction was first introduced at BlackHat, followed by the publication of its first paper on 30th August 2019. EPSS initially prioritized mass exploitation indicators over concrete exploit evidence. While recent updates have added exploit data, these rely on only a handful of sources, resulting in narrow coverage, a lot of false negatives, and delayed recognition of active threats.

Moreover, EPSS and similar systems still lack the ability to fully interpret exploit intelligence. They cannot reliably or autonomously map exploits to CVEs with sufficient accuracy, which limits their real-world effectiveness. VEDAS provides a far more reliable alternative to EPSS. Unlike EPSS, VEDAS does not attempt to predict future exploitation; instead, it estimates the prevalence of a vulnerability identifier and the maturity of its associated exploits.

It has now been five years since the idea of using a score to “predict” or “estimate” the likelihood of CVE exploitation within the next 30 days was proposed. To date, there is no evidence explaining how or why this 30-day timeframe was chosen, or showing that these predictions, which are based only on mass exploitation and public exploits, can actually be validated by the cybersecurity community as a factor that predicts exploitation before mass-exploitation trends or exploits appear. Hence, from the outset, we have consistently cautioned against this predictive narrative.

Register for our upcoming webinar to learn more:
https://webinar.arpsyndicate.io
Anthropic reported that in mid-September 2025 a Chinese state-sponsored group ran a large espionage campaign using AI agents to carry out most of the work. About 30 organizations in tech, finance, manufacturing and government were targeted. The attackers used their AI system with Claude Code to handle reconnaissance, vulnerability finding, credential harvesting, back-door setup, data theft and record keeping, while humans stepped in only a few times per operation.

https://www.anthropic.com/news/disrupting-AI-espionage
Eugenio Benincasa writes that in China’s case, many government disclosures by the U.S. and other Western countries have pointed to APT groups and individual operators allegedly linked to provincial bureaus of the Ministry of State Security (MSS), China’s premier civilian intelligence agency. These bureaus function as the operational nerve centres of China’s cyber apparatus. The MSS is not a monolith: it is highly provincialized, with bureaus that cultivate their own bureaucratic interests, talent pipelines, and trusted ecosystems of companies and individual professionals and researchers.

https://nattothoughts.substack.com/p/the-many-arms-of-the-mss-why-provincial
vedas-webinar.pdf
8 MB
Vulnerability prioritization frameworks such as KEV and EPSS are fundamentally limited because they rely on mass exploitation telemetry and sensor-network–driven signals that act as lagging indicators and miss emerging, high-impact threats. These systems overemphasize low-effort, automated exploitation activity, lack full-spectrum exploit intelligence, and are unable to reliably interpret exploit artifacts or autonomously map them to CVEs, resulting in false negatives and delayed response.

In contrast, ARPSyndicate’s Vulnerability & Exploit Data Aggregation System (VEDAS) (https://vedas.arpsyndicate.io) is an early-warning standard that crawls, comprehends, and clusters real-world exploit artifacts globally, assigns its own identifiers to exploitable vulnerabilities, and prioritizes exploit maturity and discovery over noisy mass-exploitation metrics. This approach enabled VEDAS to consistently outperform EPSS and KEV throughout 2025 by surfacing actionable threats before they appeared on conventional radars.
Today, we introduce the VEDAS-driven autonomous generation of Suricata rules for CVEs on GitHub.

This repository is intended to function as an open, collaborative validation environment for Suricata rules autonomously produced by ARPSyndicate’s Vulnerability & Exploit Data Aggregation System (VEDAS). While VEDAS is often associated with offensive research, its capabilities extend strongly into defensive security as well.

Although AI enables the rapid, large-scale generation of detection rules from vulnerability and exploit intelligence, effective security detection depends on transparency, human oversight, and validation in real-world conditions.

By releasing these AI-generated rules openly, we aim to empower the security community to review, test, and refine detection logic through issues and pull requests.

Our objective is to combine AI-driven automation with open-source collaboration to enhance reliability and accelerate intelligence-led detection engineering for everyone.

https://github.com/ARPSyndicate/suricata-vedas