CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: Microsoft has introduced a new update orchestration platform built on the existing Windows Update infrastructure, which aims to unify the updating system for all apps, drivers, and system components on Windows systems. [...]
May 28th, 2025 (22 days ago)
|
|
Description: Fujipoly is the leader in the design, formulation and production of high-performance Thermal Interface Materials, Elastomeric Connectors and Custom Silicone Extrusions.We operate a global network of 9 manufacturing and distribution centers to deliver you unprecedented product performance and dependability.Fuji Polymer Industries was established by a joint capital venture between Dow Corning and Chugai Bussan in 1978 as a company that would specialize in the secondary processing of industrial silicone rubber.Fujipoly has steadily grown over the past 43 years and now has 14 locations located in North America, Europe and Asia. In addition to the 14 locations, Fujipoly has a network of distributors and representatives, throughout the world, to meet your needs at the local level.This borderless business strategy has allowed Fujipoly to offer our products and support at locations, and at times, that are convenient to our customers.In the manufacturing industry where technological innovations are taking place one after the other, Fujipoly has always devoted itself to developing and supplying only those products that would meet the needs of the time.- Database, SQL- Financial documents- Personal information of employees and clients https://www.fujipoly.com/
May 28th, 2025 (22 days ago)
|
|
Description: Ukraine's SSSCIP agency said Russia has been responsible for more than 200 incidents against media outlets since the start of the war, including wiper attacks, DDoS incidents and disinformation campaigns.
May 28th, 2025 (22 days ago)
|
|
Description: Reflected Cross Site Scripting (XSS) in Real Easy Store
Wed, 05/28/2025 - 13:13
Aviso
Affected Resources
Real Easy Store.
Description
INCIBE has coordinated the publication of a medium severity vulnerability affecting Real Easy Store, a software that offers a set of functions and capabilities to create an online store, which has been discovered by Edgar Carrillo.This vulnerability has been assigned the following code, CVSS v4.0 base score, CVSS vector and CWE vulnerability type:CVE-2025-40651: CVSS v4.0: 5.1 | CVSS AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N | CWE-79
Identificador
INCIBE-2025-0274
3 - Medium
Solution
There is no reported solution at this time.
Detail
CVE-2025-40651: reflected Cross-Site Scripting (XSS) vulnerability in Real Easy Store. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending the victim a malicious URL using the keyword parameter in /index.php?a=search. This vulnerability can be exploited to steal sensitive user data, such as session cookies, or to perform actions on behalf of the user.
References list
Real Easy Store - Product Website
...
EPSS Score: 0.06%
May 28th, 2025 (22 days ago)
|
|
Description: A new malware campaign has been using a fake Bitdefender website to spread VenomRAT alongside StormKitty and SilentTrinity, aiming to steal credentials, drain crypto wallets, and maintain persistent access for future exploitation. The campaign was discovered by DomainTools researchers, who traced the campaign’s infrastructure, malware configurations, and delivery methods. Bitdefender, the Romanian cybersecurity firm being …
The post Fake Bitdefender Site Spreads VenomRAT and StormKitty Malware appeared first on CyberInsider.
May 28th, 2025 (22 days ago)
|
|
Description: Apple announced it prevented over $2 billion in potentially fraudulent transactions on the App Store in 2024, contributing to over $9 billion in fraud prevention over the past five years. The figures come from Apple’s annual App Store fraud analysis, highlighting the company’s multifaceted efforts to safeguard both users and developers in an increasingly hostile …
The post Apple Blocks $2 Billion in Fraudulent App Store Transactions in 2024 appeared first on CyberInsider.
May 28th, 2025 (22 days ago)
|
|
Description: Apple says it blocked over $9 billion in fraudulent App Store transactions over the last five years, with over $2 billion in potentially fraudulent sanctions prevented in 2024 alone. [...]
May 28th, 2025 (22 days ago)
|
|
|
Description: [AI generated] Elite Advanced Laser Corporation, or Elaser, is a company that specializes in the manufacturing of semiconductor and printed circuit boards. They provide the exceedingly high technology of laser drilling machines, primarily used for producing microvia holes in several applications. Headquartered in Taoyuan City, Taiwan, the company strives for the high efficiency of laser production and developing innovations in the laser industry.
May 28th, 2025 (22 days ago)
|
|
Description: Cybersecurity researchers have disclosed details of a coordinated cloud-based scanning activity that targeted 75 distinct "exposure points" earlier this month.
The activity, observed by GreyNoise on May 8, 2025, involved as many as 251 malicious IP addresses that are all geolocated to Japan and hosted by Amazon.
"These IPs triggered 75 distinct behaviors, including CVE exploits,
May 28th, 2025 (22 days ago)
|
|
Description: Would you expect an end user to log on to a cybercriminal’s computer, open their browser, and type in their usernames and passwords? Hopefully not! But that’s essentially what happens if they fall victim to a Browser-in-the-Middle (BitM) attack.
Like Man-in-the-Middle (MitM) attacks, BiTM sees criminals look to control the data flow between the victim’s computer and the target service, as
May 28th, 2025 (22 days ago)
|