CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-9020 |
Description: The List category posts WordPress plugin before 0.90.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
EPSS Score: 0.04%
January 19th, 2025 (6 months ago)
|
|
Description: Earlier this week, Ubisoft released Assassin's Creed Valhalla and Assassin's Creed Origins patches to fix Windows 11 24H2 compatibility issues that caused crashes, freezes, and audio problems. [...]
January 18th, 2025 (6 months ago)
|
|
|
Description: The Federal Trade Commission (FTC) has announced action against General Motors (GM) and its subsidiary, OnStar, for unlawful collection and sale of drivers' precise geolocation and driving behavior data without first obtaining their consent. [...]
January 18th, 2025 (6 months ago)
|
|
|
Description: crocs Claims to be Selling the Data of SEAG
January 18th, 2025 (6 months ago)
|
|
|
Description: A Threat Actor Claims be Selling Chinese Citizens Passport Data
January 18th, 2025 (6 months ago)
|
|
|
Description: That’s my secret Captain…I’m always traumatized.
January 18th, 2025 (6 months ago)
|
|
|
Description: In July 2024, a threat actor gained access to the hotel management platform Otelier and retrieved customer data from well-known hotel brands including Marriott, Hilton, and Hyatt. The data included 437k customer email addresses (a further 868k generated email addresses from the booking.com and Expedia platforms were not loaded into HIBP), names, physical addresses, phone numbers, booking information related to travel plans, purchases recorded by the platform and in a small number of cases, partial credit card data. The data was provided to HIBP by a source who requested it be attributed to "[email protected]".
January 18th, 2025 (6 months ago)
|
|
|
Description: The U.S. Supreme Court has unanimously upheld a federal law banning TikTok unless its parent company, ByteDance, divests its ownership. This decision, grounded in national security concerns, has ignited debates over data privacy, free speech, and the broader impact of government intervention in tech regulation. With TikTok threatening to “go dark” on January 19 unless …
The post TikTok Ban Sparks Debate Over Digital Privacy and Govt Control appeared first on CyberInsider.
January 18th, 2025 (6 months ago)
|
|
|
Description: Hotel management platform Otelier has suffered a major data breach, exposing millions of guest reservations and personal details from well-known hotel brands such as Marriott, Hilton, and Hyatt. The breach, which began in July 2024 and persisted until October, resulted in nearly 8TB of data being stolen from the company's Amazon S3 cloud storage. Otelier, …
The post Otelier Breach Exposes Marriot, Hilton Bookings and Client Info appeared first on CyberInsider.
January 18th, 2025 (6 months ago)
|
|
|
Description: The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) has imposed sanctions against a Chinese cybersecurity company and a Shanghai-based cyber actor for their alleged links to the Salt Typhoon group and the recent compromise of the federal agency.
"People's Republic of China-linked (PRC) malicious cyber actors continue to target U.S. government systems, including the recent
January 18th, 2025 (6 months ago)
|