CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

	Coker: We can’t have economic prosperity or national security without cybersecurity Description: Coker spoke to Recorded Future News about his time as National Cyber Director, what he considers his biggest successes and what he would tell his replacement – who is currently going through the confirmation process. Source: The Record June 13th, 2025 (3 minutes ago)
	GC Kul Targeted the Website of Wholesale Shikshuk Description: GC Kul Targeted the Website of Wholesale Shikshuk Source: DarkWebInformer June 13th, 2025 (18 minutes ago)
	Discord flaw lets hackers reuse expired invites in malware campaign Description: Hackers are hijacking expired or deleted Discord invite links to redirect users to malicious sites that deliver remote access trojans and information-stealing malware. [...] Source: BleepingComputer June 13th, 2025 (18 minutes ago)
	Behind the Blog: Advertising and Aircraft Description: This week, we discuss advertising, protests, and aircraft. Source: 404 Media June 13th, 2025 (18 minutes ago)
	Islamic Hacker Army Targeted the Website of Iranian Ministry of Economy and Finance Description: Islamic Hacker Army Targeted the Website of Iranian Ministry of Economy and Finance Source: DarkWebInformer June 13th, 2025 (about 1 hour ago)
CVE-2025-6030	Autoeastern Smart Keyless Entry System Replay Attack Description: Use of fixed learning codes, one code to lock the car and the other code to unlock it, in the Key Fob Transmitter in Cyclone Matrix TRF Smart Keyless Entry System, which allows a replay attack. Research was completed on the 2024 KIA Soluto. Attack confirmed on other KIA Models in Ecuador. CVSS: CRITICAL (9.4) SSVC Exploitation: none Source: CVE June 13th, 2025 (about 1 hour ago)
CVE-2025-6029	KIA-branded Aftermarket Generic Smart Keyless Entry System Replay Attack Description: Use of fixed learning codes, one code to lock the car and the other code to unlock it, the Key Fob Transmitter in KIA-branded Aftermarket Generic Smart Keyless Entry System, primarily distributed in Ecuador, which allows a replay attack. Manufacture is unknown at the time of release. CVE Record will be updated once this is clarified. CVSS: CRITICAL (9.4) SSVC Exploitation: none Source: CVE June 13th, 2025 (about 1 hour ago)
CVE-2025-36633	Local Privilege Escalation Description: In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could arbitrarily delete local system files with SYSTEM privilege, potentially leading to local privilege escalation. CVSS: HIGH (8.8) SSVC Exploitation: none Source: CVE June 13th, 2025 (about 1 hour ago)
CVE-2025-36631	Local Privilege Escalation Description: In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could overwrite arbitrary local system files with log content at SYSTEM privilege. CVSS: HIGH (8.4) SSVC Exploitation: none Source: CVE June 13th, 2025 (about 1 hour ago)
	Threat Actor Abuses TeamFiltration for Entra ID Account Takeovers Description: Proofpoint researchers discovered a large-scale campaign using the open source penetration-testing framework that has targeted more than 80,000 Microsoft accounts. Source: Dark Reading June 13th, 2025 (about 1 hour ago)