CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

	A Threat is Selling Unidentified URL:Login Logs Description: A Threat is Selling Unidentified URL:Login Logs Source: DarkWebInformer January 29th, 2025 (5 months ago)
	A Threat Actor Claims to be Selling the Legion Ransomware Builder Description: A Threat Actor Claims to be Selling the Legion Ransomware Builder Source: DarkWebInformer January 29th, 2025 (5 months ago)
	Lazarus Group Uses React-Based Admin Panel to Control Global Cyber Attacks Description: The North Korean threat actor known as the Lazarus Group has been observed leveraging a "web-based administrative platform" to oversee its command-and-control (C2) infrastructure, giving the adversary the ability to centrally supervise all aspects of their campaigns. "Each C2 server hosted a web-based administrative platform, built with a React application and a Node.js API," SecurityScorecard's Source: TheHackerNews January 29th, 2025 (5 months ago)
	FBI seizes domains for Cracked.io, Nulled.to hacking forums Description: The FBI has seized the domains for the infamous Cracked.io and Nulled.to hacking forums, which are known for their focus on cybercrime, password theft, cracking, and credential stuffing attacks. [...] Source: BleepingComputer January 29th, 2025 (5 months ago)
	Windows 11's Start menu is getting iPhone and Android integration Description: Windows 11's Start menu is getting a big update with full-fledged Android and iPhone integration. [...] Source: BleepingComputer January 29th, 2025 (5 months ago)
	Why is my Mitel phone DDoSing strangers? Oh, it was roped into a new Mirai botnet Source: TheRegister January 29th, 2025 (5 months ago)
	Preserving integrity in the age of generative AI Description: New ‘Content Credentials’ guidance from the NSA seeks to counter the erosion of trust. Source: NCSC Alerts and Advisories January 29th, 2025 (5 months ago)
	The Old Ways of Vendor Risk Management Are No Longer Good Enough Description: Managing third-party risk in the SaaS era demands a proactive, data-driven approach beyond checkbox compliance. Source: Dark Reading January 29th, 2025 (5 months ago)
	Uncover Hidden Browsing Threats: Get a Free Risk Assessment for GenAI, Identity, Web, and SaaS Risks Description: As GenAI tools and SaaS platforms become a staple component in the employee toolkit, the risks associated with data exposure, identity vulnerabilities, and unmonitored browsing behavior have skyrocketed. Learn how a complimentary LayerX risk assessment can help identify, assess, and address browsing and SaaS risks in your workplace. [...] Source: BleepingComputer January 29th, 2025 (5 months ago)
CVE-2024-40891	Hackers exploit critical unpatched flaw in Zyxel CPE devices Description: Hackers are exploiting a critical command injection vulnerability in Zyxel CPE Series devices that is currently tracked as CVE-2024-40891 and remains unpatched since last July. [...] EPSS Score: 4.13% Source: BleepingComputer January 29th, 2025 (5 months ago)