CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: This move comes less than a year after the United States banned Kaspersky products, out of the same fear that the company is under Russian government control.
February 24th, 2025 (5 months ago)
|
|
|
Description: OpenAI says it blocked several North Korean hacking groups from using its ChatGPT platform to research future targets and find ways to hack into their networks. [...]
February 24th, 2025 (5 months ago)
|
|
|
Description: Summary
A bypass was found for the security feature trustedOrigins. This works for wild card or absolute URLs trustedOrigins configs and opens the victims website to a Open Redirect vulnerability, where it can be used to steal the reset password token of a victims account by changing the "callbackURL" parameter value to a website owned by the attacker.
Details
Absolute URLs
The issue here appears in the middleware, specifically. This protection is not sufficiente and it allows attackers to get a open redirect, by using the payload /\/example.com. We can check this is a valid URL ( or it will be a valid URL because the URL parser fix it for us ), by checking the image bellow:
// trustedOrigins = [ "https://example.com" ]
validateURL("https://attacker.com", "callbackURL") // ❌ APIError, No Redirect
validateURL("/\/attacker.com", "callbackURL") // ✅ Redirect to http://attacker.com
Regex
The issue here is because the regex is not strong enough [^/\\]*?\.example\.com[/\\]*? ( this is the regex it will be created if we have a wildcard as config ), but we can bypass by using a payload like:
// trustedOrigins = [ "*.example.com" ]
┌──────────────────┐ ┌────────────────┐ ┌─────────────────┐
│ None of [ "/\" ] │ ────▶ │ ".example.com" │ ────▶ │ One of [ "/\" ] │
└──────────────────┘ └────────────────┘ └─────────────────┘
demo .example.com / ✅ Redirect to https://example.com
d...
February 24th, 2025 (5 months ago)
|
CVE-2025-26803 |
Description: The http parser in Phusion Passenger 6.0.21 through 6.0.25 before 6.0.26 allows a denial of service during parsing of a request with an invalid HTTP method.
References
https://nvd.nist.gov/vuln/detail/CVE-2025-26803
https://github.com/phusion/passenger/commit/bb15591646687064ab2d578d5f9660b2a4168017
https://blog.phusion.nl/2025/02/19/passenger-6-0-26
https://github.com/phusion/passenger/compare/release-6.0.25...release-6.0.26
https://github.com/phusion/passenger/releases/tag/release-6.0.26
https://www.phusionpassenger.com/support
https://github.com/advisories/GHSA-2cj2-qqxj-5m3r
EPSS Score: 0.18%
February 24th, 2025 (5 months ago)
|
|
|
Description: Treasury workers don't know who the person is or why he is sending emails from a "Secretary of the Treasury" email address.
February 24th, 2025 (5 months ago)
|
|
|
Description: Russia's National Coordination Center for Computer Incidents (NKTsKI) is warning organizations in the country's credit and financial sector about a breach at LANIT, a major Russian IT service and software provider. [...]
February 24th, 2025 (5 months ago)
|
|
|
February 24th, 2025 (5 months ago)
|
|
|
Description: Confirmation by South Korea's data protection agency that the AI chatbot sent data to TikTok's Chinese parent company has spurred a ban in that nation, and is again is calling into question DeepSeek's safety.
February 24th, 2025 (5 months ago)
|
|
|
Description: Microsoft has released ad-supported versions of its Office desktop apps, which have limited features but allow Windows users to edit their documents for free. [...]
February 24th, 2025 (5 months ago)
|
|
|
Description: Summary
The application is vulnerable to an open redirect due to improper validation of the callbackURL parameter in the email verification endpoint and any other endpoint that accepts callback url. While the server blocks fully qualified URLs (e.g., https://evil.com), it incorrectly allows scheme-less URLs (e.g., //malicious-site.com). This results in the browser interpreting the URL as https://malicious-site.com, leading to unintended redirection.
bypass for : https://github.com/better-auth/better-auth/security/advisories/GHSA-8jhw-6pjj-8723
Affected Versions
All versions prior to 1.1.19
Details
The application’s email verification endpoint (/auth/verify-email) accepts a callbackURL parameter intended to redirect users after successful email verification. While the server correctly blocks fully qualified external URLs (e.g., https://evil.com), it improperly allows scheme-less URLs (e.g., //malicious-site.com). This issue occurs because browsers interpret //malicious-site.com as https://malicious-site.com, leading to an open redirect vulnerability.
An attacker can exploit this flaw by crafting a malicious verification link and tricking users into clicking it. Upon successful email verification, the user will be automatically redirected to the attacker's website, which can be used for phishing, malware distribution, or stealing sensitive authentication tokens.
Impact
Phishing & Credential Theft – Attackers can redirect users to a fake login page, tricking them into enterin...
February 24th, 2025 (5 months ago)
|