CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
Police dismantles HeartSender cybercrime marketplace network
Description: ​Law enforcement authorities in the United States and the Netherlands have seized 39 domains and associated servers used by the HeartSender phishing gang operating out of Pakistan. [...]
Source: BleepingComputer
January 31st, 2025 (5 months ago)
Google Bans 158,000 Malicious Android App Developer Accounts in 2024
Description: Google said it blocked over 2.36 million policy-violating Android apps from being published to the Google Play app marketplace in 2024 and banned more than 158,000 bad developer accounts that attempted to publish such harmful apps. The tech giant also noted it prevented 1.3 million apps from getting excessive or unnecessary access to sensitive user data during the time period by working with
Source: TheHackerNews
January 31st, 2025 (5 months ago)
Italy Bans Chinese DeepSeek AI Over Data Privacy and Ethical Concerns
Description: Italy's data protection watchdog has blocked Chinese artificial intelligence (AI) firm DeepSeek's service within the country, citing a lack of information on its use of users' personal data. The development comes days after the authority, the Garante, sent a series of questions to DeepSeek, asking about its data handling practices and where it obtained its training data. In particular, it wanted
Source: TheHackerNews
January 31st, 2025 (5 months ago)
Top 5 AI-Powered Social Engineering Attacks
Description: Social engineering has long been an effective tactic because of how it focuses on human vulnerabilities. There’s no brute-force ‘spray and pray’ password guessing. No scouring systems for unpatched software. Instead, it simply relies on manipulating emotions such as trust, fear, and respect for authority, usually with the goal of gaining access to sensitive information or protected systems.
Source: TheHackerNews
January 31st, 2025 (5 months ago)
Contec Monitors Used in U.S. Hospitals Carry Chinese Backdoor
Description: The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a backdoor embedded in the firmware of the Contec CMS8000, a patient monitor used in U.S. healthcare facilities. The Contec CMS8000 is manufactured by Contec Medical Systems, a China-based company supplying medical devices to hospitals and clinics worldwide, including the U.S. and the … The post Contec Monitors Used in U.S. Hospitals Carry Chinese Backdoor appeared first on CyberInsider.
Source: CyberInsider
January 31st, 2025 (5 months ago)
AngelSense Exposed GPS and Personal Data of Tracked Users
Description: AngelSense, a company specializing in GPS tracking and assistive technology for individuals with special needs, inadvertently exposed a vast amount of sensitive user data due to an unsecured Elasticsearch database. Researchers at UpGuard discovered the data exposure on January 17, 2025, and after multiple attempts to notify the company, the database was finally secured on … The post AngelSense Exposed GPS and Personal Data of Tracked Users appeared first on CyberInsider.
Source: CyberInsider
January 31st, 2025 (5 months ago)
Another banner year for ransomware gangs despite takedowns by the cops
Source: TheRegister
January 31st, 2025 (5 months ago)
Fedora 41 : java-21-openjdk (2025-9f92cbc27f)
Description: Nessus Plugin ID 214835 with High Severity Synopsis The remote Fedora host is missing one or more security updates. Description The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-9f92cbc27f advisory. January CPU 2025Tenable has extracted the preceding description block directly from the Fedora security advisory.Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. Solution Update the affected 1:java-21-openjdk package. Read more at https://www.tenable.com/plugins/nessus/214835
Source: Tenable Plugins
January 31st, 2025 (5 months ago)
Fedora 40 : expat (2024-2462a2fc4c)
Description: Nessus Plugin ID 214836 with High Severity Synopsis The remote Fedora host is missing one or more security updates. Description The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-2462a2fc4c advisory. Rebase to version 2.6.4Tenable has extracted the preceding description block directly from the Fedora security advisory.Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. Solution Update the affected expat package. Read more at https://www.tenable.com/plugins/nessus/214836
Source: Tenable Plugins
January 31st, 2025 (5 months ago)

CVE-2024-52948
Fedora 40 : lemonldap-ng (2025-07901b1995)
Description: Nessus Plugin ID 214837 with Medium Severity Synopsis The remote Fedora host is missing one or more security updates. Description The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-07901b1995 advisory. - [Security][CVE-2024-52948] CSRF on 2FA registration - [Security] Open redirect vulnerability in logoutTenable has extracted the preceding description block directly from the Fedora security advisory.Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. Solution Update the affected lemonldap-ng package. Read more at https://www.tenable.com/plugins/nessus/214837
Source: Tenable Plugins
January 31st, 2025 (5 months ago)