CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE-2025-25326

Description: An issue in Merchants Union Consumer Finance Company Limited Merchants Union Finance iOS 6.19.0 allows attackers to access sensitive user information via supplying a crafted link.

EPSS Score: 0.02%

Source: CVE
February 27th, 2025 (5 months ago)

CVE-2025-25325

Description: An issue in Yibin Fengguan Network Technology Co., Ltd YuPao DirectHire iOS 8.8.0 allows attackers to access sensitive user information via supplying a crafted link.

EPSS Score: 0.02%

Source: CVE
February 27th, 2025 (5 months ago)

CVE-2025-25324

Description: An issue in Shandong Provincial Big Data Center AiShanDong iOS 5.0.0 allows attackers to access sensitive user information via supplying a crafted link.

EPSS Score: 0.02%

Source: CVE
February 27th, 2025 (5 months ago)

CVE-2025-25323

Description: An issue in Qianjin Network Information Technology (Shanghai) Co., Ltd 51Job iOS 14.22.0 allows attackers to access sensitive user information via supplying a crafted link.

EPSS Score: 0.02%

Source: CVE
February 27th, 2025 (5 months ago)
Description: miyako Claims to be Selling Access to an Unidentified Internet Service Provider in Bosnia
Source: DarkWebInformer
February 27th, 2025 (5 months ago)

CVE-2025-20060

Description: View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Dario Health Equipment: USB-C Blood Glucose Monitoring System Starter Kit Android Application, Application Database and Internet-based Server Infrastructure Vulnerabilities: Exposure of Private Personal Information to an Unauthorized Actor, Improper Output Neutralization For Logs, Storage of Sensitive Data In a Mechanism Without Access Control, Cleartext Transmission of Sensitive Information, Cross-site Scripting (XSS), Sensitive Cookie Without 'HttpOnly' Flag, Exposure of Sensitive Information Due To Incompatible Policies 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to expose information, inject code, manipulate data, or achieve cross-site scripting (XSS), resulting in full session compromise. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Dario Health products are affected: USB-C Blood Glucose Monitoring System Starter Kit Android Applications: Versions 5.8.7.0.36 and prior Dario Application Database and Internet-based Server Infrastructure: All versions 3.2 VULNERABILITY OVERVIEW 3.2.1 EXPOSURE OF PRIVATE PERSONAL INFORMATION TO AN UNAUTHORIZED ACTOR CWE-359 An attacker could expose cross-user Personal Identifiable Information (PII) and personal health information transmitted to the Android device via the Dario Health application database. CVE-2025-20060 has been assigned to this vulnerability. A CVSS v3.1 ...

EPSS Score: 0.09%

Source: All CISA Advisories
February 27th, 2025 (5 months ago)
Description: miyako Claims to be Selling Access to an Unidentified Chinese Computer Store
Source: DarkWebInformer
February 27th, 2025 (5 months ago)
Description: It took about 24 hours for Alibaba’s Wan 2.1 to become popular in the AI porn community.
Source: 404 Media
February 27th, 2025 (5 months ago)
Description: Arikos Claims to be Selling the Data of OurSMS
Source: DarkWebInformer
February 27th, 2025 (5 months ago)
Description: ​The Belgian federal prosecutor's office is investigating whether Chinese hackers were behind a breach of the country's State Security Service (VSSE). [...]
Source: BleepingComputer
February 27th, 2025 (5 months ago)