CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
Vibe Coding Changed the Development Process
Description: AI tools changed your development process. Now product security must change too.
Source: Dark Reading
May 30th, 2025 (16 days ago)
New EDDIESTEALER Malware Bypasses Chrome's App-Bound Encryption to Steal Browser Data
Description: A new malware campaign is distributing a novel Rust-based information stealer dubbed EDDIESTEALER using the popular ClickFix social engineering tactic initiated via fake CAPTCHA verification pages. "This campaign leverages deceptive CAPTCHA verification pages that trick users into executing a malicious PowerShell script, which ultimately deploys the infostealer, harvesting sensitive data such as
Source: TheHackerNews
May 30th, 2025 (16 days ago)
Alleged data breach of Deloitte – Internal GitHub Credentials and Source Code Leaked
Description: Alleged data breach of Deloitte – Internal GitHub Credentials and Source Code Leaked
Source: DarkWebInformer
May 30th, 2025 (16 days ago)
Meta says it disrupted influence operations linked to China, Iran, Romania
Description: The latest report from Meta on social media influence operations tracked some low-impact campaigns to China, Iran and Romania.
Source: The Record
May 30th, 2025 (16 days ago)
Alleged data breach of Sucive – Uruguay’s Vehicle Tax and Registration Network
Description: Alleged data breach of Sucive – Uruguay’s Vehicle Tax and Registration Network
Source: DarkWebInformer
May 30th, 2025 (16 days ago)
Tenable to Acquire AI Security Startup Apex
Description: Apex will enhance Tenable's AI Aware tool by mitigating the threats of AI applications and tools not governed by organizations, while enforcing existing security policies.
Source: Dark Reading
May 30th, 2025 (16 days ago)

CVE-2025-4433
Improper access control in user group management in Devolutions Server 2025.1.7.0 and earlier allows a non-administrative user with both "User...
Description: Improper access control in user group management in Devolutions Server 2025.1.7.0 and earlier allows a non-administrative user with both "User Management" and "User Group Management" permissions to perform privilege escalation by adding users to groups with administrative privileges.

EPSS Score: 0.04%

Source: CVE
May 30th, 2025 (16 days ago)

CVE-2025-40909
Perl threads have a working directory race condition where file operations may target unintended paths
Description: Perl threads have a working directory race condition where file operations may target unintended paths. If a directory handle is open at thread creation, the process-wide current working directory is temporarily changed in order to clone that handle for the new thread, which is visible from any third (or more) thread already running. This may lead to unintended operations such as loading code or accessing files from unexpected locations, which a local attacker may be able to exploit. The bug was introduced in commit 11a11ecf4bea72b17d250cfb43c897be1341861e and released in Perl version 5.13.6

EPSS Score: 0.02%

Source: CVE
May 30th, 2025 (16 days ago)
CISO Stature Rises, but Security Budgets Remain Tight
Description: The rate of compensation gains has slowed from the COVID years, and budgets remain largely static due to economic fears, but CISOs are increasingly gaining executive status and responsibilities.
Source: Dark Reading
May 30th, 2025 (16 days ago)
🏴‍☠️ Qilin has just published a new victim : wheel-king
Description: Wheel King Transhaul Inc. is a privately held Canadian company with dedicated fleet services as its core business. Our company is built upon the values and work ethics that are foundational to family operated businesses. We offer our custome ...
Source: Ransomware.live
May 30th, 2025 (16 days ago)