CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

	Wing FTP Server Remote Code Execution (CVE-2025-47812) Exploited in the Wild 🚨 Marked as known exploited on July 10th, 2025 (1 day ago). Description: Huntress discovered active exploitation of Wing FTP Server RCE (CVE-2025-47812). Learn more about the injection flaw, attack timeline, forensic artifacts, and how to protect your organization. EPSS Score: 57.3% Source: Huntress Blog July 10th, 2025 (1 day ago)
	🏴‍☠️ Kraken has just published a new victim : www.georgeallenconstruction.com Description: George Allen Construction specializes in providing innovative solutions for railroad construction projects, catering to the un... Source: Ransomware.live July 10th, 2025 (1 day ago)
	🏴‍☠️ Kraken has just published a new victim : www.wheelsauto.com Description: "For over 35 years Wheels Automotive Dealer Supplies has been Canada’s leader in Automotive retail products - as a manufacturer,... Source: Ransomware.live July 10th, 2025 (1 day ago)
CVE-2025-7425	Libxslt: heap use-after-free in libxslt caused by atype corruption in xmlattrptr Description: A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may access freed memory, causing crashes or enabling attackers to trigger heap corruption. EPSS Score: 0.01% Source: CVE July 10th, 2025 (1 day ago)
CVE-2024-36697	A cross-site scripting (XSS) vulnerability in the Admin Login page of Allworx System Software v9.1.9.12 allows attackers to execute arbitrary web... Description: A cross-site scripting (XSS) vulnerability in the Admin Login page of Allworx System Software v9.1.9.12 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the SessionID parameter at query.asp. EPSS Score: 0.03% Source: CVE July 10th, 2025 (1 day ago)
	Russian basketball player arrested in France over alleged ransomware ties Description: Daniil Kasatkin, 26, was detained in June at Paris’s Charles de Gaulle Airport shortly after arriving in the country with his fiancée, according to local media reports. Source: The Record July 10th, 2025 (1 day ago)
	FBI's CJIS demystified: Best practices for passwords, MFA & access control Description: FBI's Criminal Justice Information Services (CJIS) compliance isn't optional when handling law enforcement data. From MFA to password hygiene, see how Specops Software helps meet FBI standards while also securing your Windows Active Directory. [...] Source: BleepingComputer July 10th, 2025 (2 days ago)
	The UN Made AI-Generated Refugees Description: The AIs are designed to teach people about atrocities in Sudan. Source: 404 Media July 10th, 2025 (2 days ago)
	Our Galaxy May Contain a Mysterious Force. It Could Change Physics Forever. Description: “If such a force is observed, it would be an incredible breakthrough in physics,” said one researcher. Source: 404 Media July 10th, 2025 (2 days ago)
	US Violent Extremists Likely Shifting Focus to Targeted Physical Threats in 2025 Description: In 2025, US-based violent extremists are likely to favor targeted attacks over mass-casualty events. Explore threat forecasts, ideological trends, and countermeasures in this Insikt Group intelligence report. Source: RecordedFuture July 10th, 2025 (2 days ago)