Description: Red Wolf Cyber Team Targeted the Website of UMANG - Unified Mobile Application for New Age Governance
February 5th, 2025 (5 months ago)
|
Description: AMD has released mitigation and firmware updates to address a high-severity vulnerability that can be exploited to load malicious CPU microcode on unpatched devices. [...]
February 5th, 2025 (5 months ago)
|
Description: A Threat Actor Claims to be Selling Alteka Consulting Ltd
February 5th, 2025 (5 months ago)
|
Description: Impact
Using a specially crafted file, a user could potentially upload a file containing code that when executed could send arbitrary requests to the server. If that file was opened by an administrator, it could lead to escalation of privileges of the original submitter or other malicious actions. Users must have been registered to the site to exploit this vulnerability.
Patches
This vulnerability has been fixed in CKAN 2.10.7 and 2.11.2.
Workarounds
On versions prior to CKAN 2.10.7 and 2.11.2, site maintainers can restrict the file types supported for uploading using the ckan.upload.user.mimetypes / ckan.upload.user.types and ckan.upload.group.mimetypes / ckan.upload.group.types config options.
To entirely disable file uploads you can use:
ckan.upload.user.types = none
References
https://github.com/ckan/ckan/security/advisories/GHSA-7pq5-qcp6-mcww
https://github.com/ckan/ckan/commit/7da6a26c6183e0a97a356d1b1d2407f3ecc7b9c8
https://github.com/ckan/ckan/commit/a4fc5e06634ed51d653ab819a7efc8e62f816f68
https://docs.ckan.org/en/latest/maintaining/configuration.html#ckan-upload-group-mimetypes
https://docs.ckan.org/en/latest/maintaining/configuration.html#ckan-upload-group-types
https://docs.ckan.org/en/latest/maintaining/configuration.html#ckan-upload-user-mimetypes
https://docs.ckan.org/en/latest/maintaining/configuration.html#ckan-upload-user-types
https://github.com/advisories/GHSA-7pq5-qcp6-mcww
February 5th, 2025 (5 months ago)
|
Description: "The internet is a dangerous place for children, rife with sexual material that is harmful to minors," the Republican lawmakers wrote. "The ease of access to this material is downright scary."
February 5th, 2025 (5 months ago)
|
Description: Authoritarians and tech CEOs now share the same goal: to keep us locked in an eternal doomscroll instead of organizing against them, Janus Rose writes.
February 5th, 2025 (5 months ago)
|
Description: Employees at Elon Musk's agency have been told "OMB is asking us to stop generating new slack messages starting now."
February 5th, 2025 (5 months ago)
|
Description: The US Cybersecurity & Infrastructure Security Agency (CISA) has added four vulnerabilities to its Known Exploited Vulnerabilities catalog, urging federal agencies and large organizations to apply the available security updates as soon as possible. [...]
February 5th, 2025 (5 months ago)
|
Description: A threat actor known as FutureSeeker has leaked a database allegedly stolen from Trump Hotels, exposing the personal details of over 164,900 individuals. The dataset, allegedly sourced from Trump Hotels' invitations list, was posted on BreachForums yesterday. The leaked records include full names, email addresses, invitation statuses, and timestamps, raising concerns about potential phishing attacks …
The post Trump Hotels Allegedly Breached, 164,900 Records Leaked Online appeared first on CyberInsider.
February 5th, 2025 (5 months ago)
|
Description: A newly disclosed vulnerability affecting AMD's Zen 1 through Zen 4 CPUs allows attackers with local administrator privileges to load malicious microcode patches, potentially compromising confidential workloads. The issue, discovered by Google's Security Team, stems from the use of an insecure hash function in AMD's microcode signature verification process, raising concerns over Secure Encrypted Virtualization-Secure …
The post AMD EPYC and Ryzen CPUs Affected by Severe Security Flaw appeared first on CyberInsider.
February 5th, 2025 (5 months ago)
|