CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: The Czech Republic on Wednesday formally accused a threat actor associated with the People's Republic of China (PRC) of targeting its Ministry of Foreign Affairs.
In a public statement, the government said it identified China as the culprit behind a malicious campaign targeting one of the unclassified networks of the Czech Ministry of Foreign Affairs. The extent of the breach is presently not
May 28th, 2025 (21 days ago)
|
|
Description: An Iranian national has pleaded guilty in the U.S. over his involvement in an international ransomware and extortion scheme involving the Robbinhood ransomware.
Sina Gholinejad (aka Sina Ghaaf), 37, and his co-conspirators are said to have breached the computer networks of various organizations in the United States and encrypted files with Robbinhood ransomware to demand Bitcoin ransom payments.
May 28th, 2025 (21 days ago)
|
|
Description: The developer claims the tool is for cops, but anyone can sign up and use it for targeted harassment.
May 28th, 2025 (21 days ago)
|
CVE-2024-25711 |
Description: diffoscope before 256 allows directory traversal via an embedded filename in a GPG file. Contents of any file, such as ../.ssh/id_rsa, may be disclosed to an attacker. This occurs because the value of the gpg --use-embedded-filenames option is trusted.
EPSS Score: 2.42% SSVC Exploitation: none
May 28th, 2025 (21 days ago)
|
|
Description: Cator, Ruma & Associates falls victim to RHYSIDA Ransomware
May 28th, 2025 (21 days ago)
|
|
Description: Alleged data breach of Centro Nacional de Estimación, Prevención y Reducción del Riesgo de Desastres (CENEPRED)
May 28th, 2025 (21 days ago)
|
|
Description: Impact
CSS Selector expressions are not properly encoded, which can lead to XSS (cross-site scripting) vulnerabilities.
Patches
This is patched in v1.14.0.
Workarounds
Users can apply encoding manually to their selectors, if they are unable to upgrade.
References
https://github.com/chrome-php/chrome/security/advisories/GHSA-3432-fmrf-7vmh
https://github.com/chrome-php/chrome/pull/691
https://github.com/chrome-php/chrome/commit/34b2b8d1691f4e3940b1e1e95d388fffe81169c8
https://github.com/advisories/GHSA-3432-fmrf-7vmh
May 28th, 2025 (21 days ago)
|
|
Description: A second state passing such tough data privacy legislation, particularly around geolocation data, could be a significant factor in pushing other states to do the same, experts said.
May 28th, 2025 (21 days ago)
|
|
Description: A sprawling network of fake AI, VPN, and crypto software download sites is being used by the "Dark Partner" threat actors to conduct a crypto theft attacks worldwide. [...]
May 28th, 2025 (21 days ago)
|
|
Description: Over 9,000 ASUS routers are compromised by a novel botnet dubbed "AyySSHush" that was also observed targeting SOHO routers from Cisco, D-Link, and Linksys. [...]
May 28th, 2025 (21 days ago)
|