EvilBit Threat Digest - Your Scanner Just Got Smarter

Nessus plugin refresh expands detections across Linux, QNAP, FreeBSD and PRTG, adding new CVE coverage and TLS configuration checks.

It’s KryptoKat. Some weeks are a sprint to patch a single, screaming zero-day. Others are a marathon of steady, programmatic work. This is one of the latter. While the world wasn’t ending, the tools we rely on to find the cracks in our foundations got a little sharper. It’s the kind of quiet update that doesn’t make headlines but absolutely makes a difference when you’re staring down a compliance report or hunting for latent risk.

My other half, UncleSp1d3r, calls it "sharpening the axe." He claims it’s less glamorous than swinging it, but you can’t chop down much with a dull blade. He’s not wrong.

Nessus Plugin Refresh: More Detections for Your Scanning Pleasure

For those of us running vulnerability management programs, this week brought a noteworthy plugin update from Tenable for Nessus. The release adds a broad set of new detection capabilities, giving us better visibility into a whole slew of vulnerabilities across the enterprise stack. It’s a welcome refresh that lights up risks in everything from NAS appliances to core Linux infrastructure.

The update expands coverage for QNAP devices, multiple major Linux distributions (including Oracle Linux, Red Hat, Debian, Fedora, and openSUSE), FreeBSD, and Paessler’s PRTG Network Monitor. The new plugins cover a wide array of CVEs, including some that have patches available and, more interestingly, several currently unpatched flaws in the Linux kernel. This mix is particularly useful, helping teams prioritize both immediate patching efforts and compensating controls for issues that are still waiting on a fix.

Beyond specific CVEs, Tenable also added a few general-purpose checks for TLS configurations and weak cipher suites. These are always a nice bonus: less about a specific vulnerability and more about hardening the front door. Kicking off a fresh scan cycle with these updated plugins should be on your to-do list. It’s the simple, effective blocking and tackling that keeps the house in order.


So, update your scanners, run your discovery scans, and enjoy the slightly-more-accurate picture of your attack surface. It may not be glamorous, but it’s the work that matters. Or as Sp1d3r would say, "Great. More things to find, more tickets to file." He’s a romantic.

-- KryptoKat & UncleSp1d3r


Covered Vulnerabilities & Products

For those tracking specific CVEs and platforms, this Nessus update adds or improves detection for issues including, but not limited to:

  • Products: QNAP, Oracle Linux, Red Hat Enterprise Linux, Debian, Fedora, openSUSE, FreeBSD, Paessler PRTG Network Monitor, and the Linux kernel.
  • CVEs: CVE-2025-46817, CVE-2025-46818, CVE-2025-46819, CVE-2025-49844, CVE-2023-53401, CVE-2023-53539, CVE-2022-50543, CVE-2025-64505, CVE-2025-64506, CVE-2025-64720, CVE-2025-65018, CVE-2025-66293, CVE-2025-46404, CVE-2025-46705, CVE-2025-46784, CVE-2025-47151, CVE-2025-59820, CVE-2025-13947, CVE-2025-43458, CVE-2025-66287, CVE-2018-15853, CVE-2018-15859, CVE-2018-15861, CVE-2018-15863, CVE-2025-13223, CVE-2025-13224, CVE-2018-9276, CVE-2018-19410, CVE-2025-40323, CVE-2025-66564, CVE-2025-40317, CVE-2025-66418, CVE-2025-40309, CVE-2025-32900, CVE-2025-40272, CVE-2025-40303, CVE-2025-66570, CVE-2025-40322, CVE-2025-40235, CVE-2022-50583.