CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Description: Cybersecurity researchers have shed light on a previously undocumented threat actor called NightEagle (aka APT-Q-95) that has been observed targeting Microsoft Exchange servers as a part of a zero-day exploit chain designed to target government, defense, and technology sectors in China. According to QiAnXin's RedDrip Team, the threat actor has been active since 2023 and has switched network
Source: TheHackerNews
July 4th, 2025 (2 days ago)
Source: TheRegister
July 3rd, 2025 (3 days ago)
Description: Microsoft is investigating an ongoing incident causing intermittent issues for users attempting to access SharePoint Online sites. [...]
Source: BleepingComputer
July 3rd, 2025 (3 days ago)
Description: Microsoft said it has spent years monitoring North Korea’s campaign to get its citizens hired in IT roles at U.S. companies and recently saw changes in how the campaign operates.
Source: The Record
July 3rd, 2025 (3 days ago)
Description: Microsoft, PayPal, Docusign, and others are among the trusted brands threat actors use in socially engineered scams that try to get victims to call adversary-controlled phone numbers.
Source: Dark Reading
July 3rd, 2025 (3 days ago)
Description: Microsoft has announced that the Exchange Server Subscription Edition (SE) is now available to all customers of its enterprise email service. [...]
Source: BleepingComputer
July 3rd, 2025 (3 days ago)
Description: Microsoft asked customers this week to disregard incorrect Windows Firewall errors that appear after rebooting their systems following the installation of the June 2025 preview update. [...]
Source: BleepingComputer
July 3rd, 2025 (4 days ago)
Description: Several Call of Duty: WWII players on PC are reporting being hacked mid-game via a Remote Code Execution (RCE) exploit, just days after the title was added to Microsoft’s Game Pass lineup. The reports suggest that attackers are able to remotely run code on victims’ machines during gameplay, raising serious concerns about the security of …
Source: CyberInsider
July 3rd, 2025 (4 days ago)

CVE-2025-34091

Description: A padding oracle vulnerability exists in Google Chrome’s AppBound cookie encryption mechanism due to observable decryption failure behavior in Windows Event Logs when handling malformed ciphertext in SYSTEM-DPAPI-encrypted blobs. A local attacker can repeatedly send malformed ciphertexts to the Chrome elevation service and distinguish between padding and MAC errors, enabling a padding oracle attack. This allows partial decryption of the SYSTEM-DPAPI layer and eventual recovery of the user-DPAPI encrypted cookie key, which is trivially decrypted by the attacker’s own context. This issue undermines the core purpose of AppBound Encryption by enabling low-privileged cookie theft through cryptographic misuse and verbose error feedback. Confirmed in Google Chrome with AppBound Encryption enabled. Other Chromium-based browsers may be affected if they implement similar COM-based encryption mechanisms. This behavior arises from a combination of Chrome’s AppBound implementation and the way Microsoft Windows DPAPI reports decryption failures via Event Logs. As such, the vulnerability relies on cryptographic behavior and error visibility in all supported versions of Windows.

CVSS: HIGH (8.8)

EPSS Score: 0.0%

SSVC Exploitation: poc

Source: CVE
July 2nd, 2025 (4 days ago)

CVE-2025-49713

Description: Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVSS: HIGH (8.8)

EPSS Score: 0.18%

Source: CVE
July 2nd, 2025 (4 days ago)