CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

Description: Whether you're facing growing data demands and increased cyber threats, or simply looking to future-proof your business, it's time to consider the long-term benefits of transitioning to a cloud-first infrastructure.
Source: Dark Reading
January 27th, 2025 (5 months ago)
Description: In this special interview episode of the 404 Media Podcast, Sam talks to Alexzandra Kekesi, VP of Brand and Community at Pornhub, about age verification laws and what she's hearing from adult performers.
Source: 404 Media
January 27th, 2025 (5 months ago)
Description: Welcome to your weekly cybersecurity scoop! Ever thought about how the same AI meant to protect our hospitals could also compromise them? This week, we’re breaking down the sophisticated world of AI-driven threats, key updates in regulations, and some urgent vulnerabilities in healthcare tech that need our attention. As we unpack these complex topics, we'll equip you with sharp insights to
Source: TheHackerNews
January 27th, 2025 (5 months ago)
Source: TheRegister
January 27th, 2025 (5 months ago)
Description: uniapi version 1.0.7 introduces code that would execute on import of the module and download a script from a remote URL, and would then execute the downloaded script in a thread. The downloaded script would harvest system information and POST the information to another remote URL. This code was found in the PyPI release artifacts and was not present in the public GitHub repository. References https://github.com/pypa/advisory-database/tree/main/vulns/uniapi/PYSEC-2025-2.yaml https://inspector.pypi.io/project/uniapi/1.0.7/packages/0f/40/c6e06c22bbc22ef45f40bf5a7711763fa08fec4d16b4718d86fd60970131/uniapi-1.0.7.tar.gz/uniapi-1.0.7/uniapi/__init__.py#line.11 https://github.com/advisories/GHSA-gvvw-rr8m-fj76
Source: Github Advisory Database (PIP)
January 27th, 2025 (5 months ago)
Description: The Open Web Application Security Project has recently introduced a new Top 10 project - the Non-Human Identity (NHI) Top 10. For years, OWASP has provided security professionals and developers with essential guidance and actionable frameworks through its Top 10 projects, including the widely used API and Web Application security lists.  Non-human identity security represents an emerging
Source: TheHackerNews
January 27th, 2025 (5 months ago)
Source: TheRegister
January 27th, 2025 (5 months ago)
Description: UnitedHealth Group has disclosed that the February 2024 ransomware attack on its Change Healthcare subsidiary affected approximately 190 million individuals, nearly double its initial estimate of 100 million. The confirmation, provided to TechCrunch late Friday, makes this the largest medical data breach in U.S. history. In a statement, UnitedHealth spokesperson Tyler Mason acknowledged the staggering … The post UnitedHealth Data Breach Tally Upped to 190 Million Americans appeared first on CyberInsider.
Source: CyberInsider
January 27th, 2025 (5 months ago)
Source: TheRegister
January 27th, 2025 (5 months ago)
Description: A previously unknown threat actor has been observed copying the tradecraft associated with the Kremlin-aligned Gamaredon hacking group in its cyber attacks targeting Russian-speaking entities. The campaign has been attributed to a threat cluster dubbed GamaCopy, which is assessed to share overlaps with another hacking group named Core Werewolf, also tracked as Awaken Likho and PseudoGamaredon.
Source: TheHackerNews
January 27th, 2025 (6 months ago)