Threat and Vulnerability Intelligence Database

Description: A patch bypass for a bug in the popular desktop emulator enables root-level privilege escalation and has no fix in sight.
Source: Dark Reading
February 24th, 2025 (5 months ago)
Description: This move comes less than a year after the United States banned Kaspersky products, out of the same fear that the company is under Russian government control.
Source: Dark Reading
February 24th, 2025 (5 months ago)
Description: OpenAI says it blocked several North Korean hacking groups from using its ChatGPT platform to research future targets and find ways to hack into their networks. [...]
Source: BleepingComputer
February 24th, 2025 (5 months ago)
Description: Summary
A bypass was found for the security feature trustedOrigins. This works for wildcard or absolute-URL trustedOrigins configs and opens the victim's website to an Open Redirect vulnerability, where it can be used to steal the reset password token of a victim's account by changing the "callbackURL" parameter value to a website owned by the attacker.

Details
Absolute URLs
The issue here appears in the middleware, specifically. This protection is not sufficient and it allows attackers to get an open redirect by using the payload /\/example.com. We can check this is a valid URL (or it will be a valid URL because the URL parser fixes it for us) by checking the image below:

    // trustedOrigins = [ "https://example.com" ]
    validateURL("https://attacker.com", "callbackURL") // ❌ APIError, No Redirect
    validateURL("/\/attacker.com", "callbackURL")      // ✅ Redirect to http://attacker.com

Regex
The issue here is because the regex [^/\\]*?\.example\.com[/\\]*? is not strong enough (this is the regex that will be created if we have a wildcard as config), but we can bypass it by using a payload like:

    // trustedOrigins = [ "*.example.com" ]
    ┌──────────────────┐        ┌────────────────┐        ┌─────────────────┐
    │ None of [ "/\" ] │ ────▶ │ ".example.com" │ ────▶ │ One of [ "/\" ] │
    └──────────────────┘        └────────────────┘        └─────────────────┘
            demo                  .example.com                   /
    ✅ Redirect to https://example.com d...
Source: Github Advisory Database (NPM)
February 24th, 2025 (5 months ago)

CVE-2025-26803

Description: The HTTP parser in Phusion Passenger 6.0.21 through 6.0.25 before 6.0.26 allows a denial of service during parsing of a request with an invalid HTTP method.

References
https://nvd.nist.gov/vuln/detail/CVE-2025-26803
https://github.com/phusion/passenger/commit/bb15591646687064ab2d578d5f9660b2a4168017
https://blog.phusion.nl/2025/02/19/passenger-6-0-26
https://github.com/phusion/passenger/compare/release-6.0.25...release-6.0.26
https://github.com/phusion/passenger/releases/tag/release-6.0.26
https://www.phusionpassenger.com/support
https://github.com/advisories/GHSA-2cj2-qqxj-5m3r

EPSS Score: 0.18%

Source: Github Advisory Database (RubyGems)
February 24th, 2025 (5 months ago)
Description: Treasury workers don't know who the person is or why he is sending emails from a "Secretary of the Treasury" email address.
Source: 404 Media
February 24th, 2025 (5 months ago)
Description: Russia's National Coordination Center for Computer Incidents (NKTsKI) is warning organizations in the country's credit and financial sector about a breach at LANIT, a major Russian IT service and software provider. [...]
Source: BleepingComputer
February 24th, 2025 (5 months ago)
Source: TheRegister
February 24th, 2025 (5 months ago)
Description: Confirmation by South Korea's data protection agency that the AI chatbot sent data to TikTok's Chinese parent company has spurred a ban in that nation, and is again calling into question DeepSeek's safety.
Source: Dark Reading
February 24th, 2025 (5 months ago)
Description: Microsoft has released ad-supported versions of its Office desktop apps, which have limited features but allow Windows users to edit their documents for free. [...]
Source: BleepingComputer
February 24th, 2025 (5 months ago)