CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2024-13605	Form Maker by 10Web < 1.15.33 - Admin+ Stored XSS Description: The Form Maker by 10Web WordPress plugin before 1.15.33 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). EPSS Score: 0.03% Source: CVE February 24th, 2025 (5 months ago)
CVE-2024-12308	Logo Slider < 4.6.0 - Contributor+ Stored XSS Description: The Logo Slider WordPress plugin before 4.6.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. EPSS Score: 0.03% Source: CVE February 24th, 2025 (5 months ago)
	Google Cloud introduces quantum-safe digital signatures in KMS Description: Google Cloud has introduced quantum-safe digital signatures to its Cloud Key Management Service (Cloud KMS), making them available in preview. [...] Source: BleepingComputer February 24th, 2025 (5 months ago)
	Rather than add a backdoor, Apple decides to kill iCloud E2EE for UK peeps Source: TheRegister February 24th, 2025 (5 months ago)
	Thailand Targets Cyber Sweatshops to Free 1,000s of Captives Description: Thai police said it was expecting to soon welcome 7,000 human trafficking victims, forced to work on cybercrime scams in call centers in Mynmar, in a first wave of people being freed from captivity. Source: Dark Reading February 24th, 2025 (5 months ago)
	Link Dumper - Web Crawler for Extracting Links and JavaScript Files Description: Link Dumper - Web Crawler for Extracting Links and JavaScript Files Source: DarkWebInformer February 24th, 2025 (5 months ago)
	Threat Attack Weekly Description: Threat Attack Weekly Source: DarkWebInformer February 23rd, 2025 (5 months ago)
	Mysterious Team Bangladesh Targeted the Website of Railways of the Federation of Bosnia and Herzegovina Description: Mysterious Team Bangladesh Targeted the Website of Railways of the Federation of Bosnia and Herzegovina Source: DarkWebInformer February 23rd, 2025 (5 months ago)
	A Threat Actor Claims to have Leaked the Data of FM Logistic Description: A Threat Actor Claims to have Leaked the Data of FM Logistic Source: DarkWebInformer February 23rd, 2025 (5 months ago)
	Mr Hamza Targeted the Website of Ministry of Defence of Bosnia and Herzegovina Description: Mr Hamza Targeted the Website of Ministry of Defence of Bosnia and Herzegovina Source: DarkWebInformer February 23rd, 2025 (5 months ago)